2002-10-19 Werner Koch <wk@gnupg.org>
- * configure.ac: Bumped version number to 1.9.0-cvs.
+ * configure.ac: Bumped version number to GnuPG 1.9.0-cvs.
NewPG (Aegypten project) to GnuPG merge.
2002-09-20 Werner Koch <wk@gnupg.org>
- Released 0.9.2.
+ Released NewPG 0.9.2.
2002-09-05 Neal H. Walfield <neal@g10code.de>
2002-08-23 Werner Koch <wk@gnupg.org>
- Released 0.9.1.
+ Released NewPG 0.9.1.
* acinclude.m4 (AM_PATH_LIBGCRYPT): Updated from Libgcrypt.
(AM_PATH_OPENSC): Strip non-digits from the micro version.
2002-08-21 Werner Koch <wk@gnupg.org>
- Released 0.9.0.
+ Released NewPG 0.9.0.
* configure.ac: Changed the default homedir to .gnupg.
* README-alpha: Removed.
2002-08-10 Werner Koch <wk@gnupg.org>
- Released 0.3.10.
+ Released NewPG 0.3.10.
* configure.ac (NEED_LIBKSBA_VERSION): Require 0.4.4. Add support
for gettext.
2002-07-01 Werner Koch <wk@gnupg.org>
- Released 0.3.9.
+ Released NewPG 0.3.9.
* README: Short note on how to export in pkcs-12 format.
2002-06-25 Werner Koch <wk@gnupg.org>
- Released 0.3.8.
+ Released NewPG 0.3.8.
* configure.ac (NEED_LIBGCRYPT_VERSION): Set to 1.1.8.
2002-06-04 Werner Koch <wk@gnupg.org>
- Released 0.3.7.
+ Released NewPG 0.3.7.
2002-05-21 Werner Koch <wk@gnupg.org>
2002-05-03 Werner Koch <wk@gnupg.org>
- Released 0.3.6.
+ Released NewPG 0.3.6.
2002-04-25 Werner Koch <wk@gnupg.org>
2002-04-15 Werner Koch <wk@gnupg.org>
- Released 0.3.5.
+ Released NewPG 0.3.5.
* NEWS: Started to describe release notes.
2002-04-01 Werner Koch <wk@gnupg.org>
- Released 0.3.4.
+ Released NewPG 0.3.4.
2002-03-18 Werner Koch <wk@gnupg.org>
- Released 0.3.3.
+ Released NewPG 0.3.3.
2002-03-08 Werner Koch <wk@gnupg.org>
2002-03-06 Werner Koch <wk@gnupg.org>
- Released 0.3.2.
+ Released NewPG 0.3.2.
2002-03-04 Werner Koch <wk@gnupg.org>
- Released 0.3.1.
+ Released NewPG 0.3.1.
* README: Explained some options and files.
2002-02-07 Werner Koch <wk@gnupg.org>
- Released 0.3.0.
+ Released NewPG 0.3.0.
* configure.ac: Require libgcrypt 1.1.6.
2001-12-18 Werner Koch <wk@gnupg.org>
- Released 0.0.0.
+ Released NewPG 0.0.0.
2001-12-17 Werner Koch <wk@gnupg.org>
+Noteworthy changes in version 2.1.6 (2015-07-01)
+------------------------------------------------
+
+ * agent: New option --verify for the PASSWD command.
+
+ * gpgsm: Add command option "offline" as an alternative to
+ --disable-dirmngr.
+
+ * gpg: Do not prompt multiple times for a password in pinentry
+ loopback mode.
+
+ * Allow the use of debug category names with --debug.
+
+ * Using gpg-agent and gpg/gpgsm with different locales will now show
+ the correct translations in Pinentry.
+
+ * gpg: Improve speed of --list-sigs and --check-sigs.
+
+ * gpg: Make --list-options show-sig-subpackets work again.
+
+ * gpg: Fix an export problem for old keyrings with PGP-2 keys.
+
+ * scd: Support PIN-pads on more readers.
+
+ * dirmngr: Properly cleanup zombie LDAP helper processes and avoid
+ hangs on dirmngr shutdown.
+
+ * Various other bug fixes.
+
+
Noteworthy changes in version 2.1.5 (2015-06-11)
------------------------------------------------
debug-level keywords.
+Version 2.0.28 (2015-06-02)
+Version 2.0.27 (2015-02-18)
+Version 2.0.26 (2014-08-12)
+Version 2.0.25 (2014-06-30)
+Version 2.0.24 (2014-06-24)
+Version 2.0.23 (2014-06-03)
+Version 2.0.22 (2013-10-04)
+Version 2.0.21 (2013-08-19)
+Version 2.0.20 (2013-05-10)
+Version 2.0.19 (2012-03-27)
+Version 2.0.18 (2011-08-04)
+Version 2.0.17 (2011-01-13)
+Version 2.0.16 (2010-07-19)
+Version 2.0.15 (2010-03-09)
+Version 2.0.14 (2009-12-21)
+
+
Noteworthy changes in version 2.0.13 (2009-09-04)
-------------------------------------------------
development branch.
- Copyright 2002, 2003, 2004, 2005, 2006, 2007,
- 2008, 2009, 2010, 2011 Free Software Foundation, Inc.
+Version 1.4.19 (2015-02-27)
+Version 1.4.18 (2014-06-30)
+Version 1.4.17 (2014-06-23)
+Version 1.4.16 (2013-12-18)
+Version 1.4.15 (2013-10-04)
+Version 1.4.14 (2013-07-25)
+Version 1.4.13 (2012-12-20)
+Version 1.4.12 (2012-01-30)
+Version 1.4.11 (2010-10-18)
+Version 1.4.10 (2009-09-02)
+Version 1.4.9 (2008-03-26)
+Version 1.4.8 (2007-12-20)
+Version 1.4.7 (2007-03-05)
+Version 1.4.6 (2006-12-06)
+Version 1.4.5 (2006-08-01)
+Version 1.4.4 (2006-06-25)
+Version 1.4.3 (2006-04-03)
+Version 1.4.2 (2005-07-26)
+Version 1.4.1 (2005-03-15)
+Version 1.4.0 (2004-12-16)
+
+
+Noteworthy changes in version 1.3.2 (2003-05-27)
+------------------------------------------------
+
+ * New "--gnupg" option (set by default) that disables --openpgp,
+ and the various --pgpX emulation options. This replaces
+ --no-openpgp, and --no-pgpX, and also means that GnuPG has
+ finally grown a --gnupg option to make GnuPG act like GnuPG.
+
+ * A bug in key validation has been fixed. This bug only affects
+ keys with more than one user ID (photo IDs do not count here),
+ and results in all user IDs on a given key being treated with
+ the validity of the most-valid user ID on that key.
+
+ * Notation names that do not contain a '@' are no longer allowed
+ unless --expert is set. This is to help prevent pollution of
+ the (as yet unused) IETF notation namespace.
+
+ * Multiple trust models are now supported via the --trust-model
+ option. The options are "pgp" (web-of-trust plus trust
+ signatures), "classic" (web-of-trust only), and "always"
+ (identical to the --always-trust option).
+
+ * The --personal-{cipher|digest|compression}-preferences are now
+ consulted to get default algorithms before resorting to the
+ last-ditch defaults of --s2k-cipher-algo, SHA1, and ZIP
+ respectively. This allows a user to set algorithms to use in a
+ safe manner so they are used when legal to do so, without
+ forcing them on for all messages.
+
+ * New --primary-keyring option to designate the keyring that the
+ user wants new keys imported into.
+
+ * --s2k-digest-algo is now used for all password mangling.
+ Earlier versions used both --s2k-digest-algo and --digest-algo
+ for passphrase mangling.
+
+ * Handling of --hidden-recipient or --throw-keyid messages is now
+ easier - the user only needs to give their passphrase once, and
+ GnuPG will try it against all of the available secret keys.
+
+ * Care is taken to prevent compiler optimization from removing
+ memory wiping code.
+
+ * New option --no-mangle-dos-filenames so that filenames are not
+ truncated in the W32 version.
+
+ * A "convert-from-106" script has been added. This is a simple
+ script that automates the conversion from a 1.0.6 or earlier
+ version of GnuPG to a 1.0.7 or later version.
+
+ * Disabled keys are now skipped when selecting keys for
+ encryption. If you are using the --with-colons key listings to
+ detect disabled keys, please see doc/DETAILS for a minor format
+ change in this release.
+
+ * Minor trustdb changes to make the trust calculations match
+ common usage.
+
+ * New command "revuid" in the --edit-key menu to revoke a user ID.
+ This is a simpler interface to the old method (which still
+ works) of revoking the user ID self-signature.
+
+ * Status VALIDSIG does now also print the primary key's
+ fingerprint, as well as the signature version, pubkey algorithm,
+ hash algorithm, and signature class.
+
+ * Add read-only support for the SHA-256 hash, and optional
+ read-only support for the SHA-384 and SHA-512 hashes.
+
+ * New option --enable-progress-filter for use with frontends.
+
+ * DNS SRV records are used in HKP keyserver lookups to allow
+ administrators to load balance and select keyserver ports
+ automatically. This is as specified in
+ draft-shaw-openpgp-hkp-00.txt.
+
+ * When using the "keyid!" syntax during a key export, only that
+ specified key is exported. If the key in question is a subkey,
+ the primary key plus only that subkey is exported.
+
+ * configure --disable-xxx options to disable individual algorithms
+ at build time. This can be used to build a smaller gpg binary
+ for embedded uses where space is tight. See the README file for
+ the algorithms that can be used with this option, or use
+ --enable-minimal to build the smallest gpg possible (disables
+ all optional algorithms, disables keyserver access, and disables
+ photo IDs).
+
+ * The keyserver no-modify flag on a key can now be displayed and
+ modified.
+
+ * Note that the TIGER/192 digest algorithm is in the process of
+ being dropped from the OpenPGP standard. While this release of
+ GnuPG still contains it, it is disabled by default. To ensure
+ you will still be able to use your messages with future versions
+ of GnuPG and other OpenPGP programs, please do not use this
+ algorithm.
+
+
+Noteworthy changes in version 1.3.1 (2002-11-12)
+------------------------------------------------
+
+ * Trust signature support. This is based on the Maurer trust
+ model where a user can specify the trust level along with the
+ signature with multiple levels so users can delegate
+ certification ability to other users, possibly restricted by a
+ regular expression on the user ID. Note that full trust
+ signature support requires a regular expression parsing library.
+ The regexp code from glibc 2.3.1 is included for those platforms
+ that don't have working regexp functions available. The
+ configure option --disable-regex may be used to disable any
+ regular expression code, which will make GnuPG ignore any trust
+ signature with a regular expression included.
+
+ * Two new commands --hidden-recipient (-R) and --hidden-encrypt-to
+ encrypt to a user, but hide the identity of that user. This is
+ the same functionality as --throw-keyid, but can be used on a
+ per-user basis.
+
+ * Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be
+ used interchangeably with the short algorithm names (e.g. "S2",
+ "H2", "Z1") anywhere algorithm names are used in GnuPG.
+
+
+Noteworthy changes in version 1.3.0 (2002-10-18)
+------------------------------------------------
+
+ * The last piece of internal keyserver support has been removed,
+ and now all keyserver access is done via the keyserver plugins.
+ There is also a newer keyserver protocol used between GnuPG and
+ the plugins, so plugins from earlier versions of GnuPG may not
+ work properly.
+
+ * The HKP keyserver plugin supports the new machine-readable key
+ listing format for those keyservers that provide it.
+
+ * When using a HKP keyserver with multiple DNS records (such as
+ wwwkeys.pgp.net which has the addresses of multiple servers
+ around the world), try all records until one succeeds. Note
+ that it depends on the LDAP library used whether the LDAP
+ keyserver plugin does this as well.
+
+ * The library dependencies for OpenLDAP seem to change fairly
+ frequently, and GnuPG's configure script cannot guess all the
+ combinations. Use ./configure LDAPLIBS="-L libdir -l libs" to
+ override the script and use the libraries selected.
+
+ * Secret keys generated with --export-secret-subkeys are now
+ indicated in key listings with a '#' after the "sec", and in
+ --with-colons listings by showing no capabilities (no lowercase
+ characters).
+
+ * --trusted-key has been un-obsoleted, as it is useful for adding
+ ultimately trusted keys from the config file. It is identical
+ to using --edit and "trust" to change a key to ultimately
+ trusted.
+
+ * Translations other than de are no longer distributed with the
+ development branch. This is due to the frequent text changes
+ during development, which cause the translations to rapidly go
+ out of date.
+
+
+Version 1.2.8 (2006-12-07)
+Version 1.2.7 (2004-12-27)
+Version 1.2.6 (2004-08-25)
+Version 1.2.5 (2004-07-26)
+Version 1.2.4 (2003-12-23)
+Version 1.2.3 (2003-08-21)
+Version 1.2.2 (2003-05-01)
+Version 1.2.1 (2002-10-25)
+Version 1.2.0 (2002-09-21)
+
+
+Noteworthy changes in version 1.1.92 (2002-09-11)
+-------------------------------------------------
+
+ * [IMPORTANT] The default configuration file is now
+ ~/.gnupg/gpg.conf. If an old ~/.gnupg/options is found it will
+ still be used. This change is required to have a more
+ consistent naming scheme with forthcoming tools.
+
+ * The use of MDCs have increased. A MDC will be used if the
+ recipients directly request it, if the recipients have AES,
+ AES192, AES256, or TWOFISH in their cipher preferences, or if
+ the chosen cipher has a blocksize not equal to 64 bits
+ (currently this is also AES, AES192, AES256, and TWOFISH).
+
+ * GnuPG will no longer automatically disable compression when
+ processing an already-compressed file unless a MDC is being
+ used. This is to give the message a certain amount of
+ resistance to the chosen-ciphertext attack while communicating
+ with other programs (most commonly PGP earlier than version 7.x)
+ that do not support MDCs.
+
+ * The option --interactive now has the desired effect when
+ importing keys.
+
+ * The file permission and ownership checks on files have been
+ clarified. Specifically, the homedir (usually ~/.gnupg) is
+ checked to protect everything within it. If the user specifies
+ keyrings outside this homedir, they are presumed to be shared
+ keyrings and therefore *not* checked. Configuration files
+ specified with the --options option and the IDEA cipher
+ extension specified with --load-extension are checked, along
+ with their enclosing directories.
+
+ * The configure option --with-static-rnd=auto allows to build gpg
+ with all available entropy gathering modules included. At
+ runtime the best usable one will be selected from the list
+ linux, egd, unix. This is also the default for systems lacking
+ a /dev/random device.
+
+ * The default character set is now taken from the current locale;
+ it can still be overridden by the --charset option. Using the
+ option -vvv shows the used character set.
+
+ * [REMOVED] --emulate-checksum-bug and --emulate-3des-s2k-bug have
+ been removed.
+
+
+Noteworthy changes in version 1.1.91 (2002-08-04)
+-------------------------------------------------
+
+ * All modules are now linked statically; the --load-extension
+ option is in general not useful anymore. The only exception is
+ to specify the deprecated idea cipher.
+
+ * The IDEA plugin has changed. Previous versions of the IDEA
+ plugin will no longer work with GnuPG. However, the current
+ version of the plugin will work with earlier GnuPG versions.
+
+ * When using --batch with one of the --delete-key commands, the
+ key must be specified by fingerprint. See the man page for
+ details.
+
+ * There are now various ways to restrict the ability GnuPG has to
+ exec external programs (for the keyserver helpers or photo ID
+ viewers). Read the README file for the complete list.
+
+ * New export option to leave off attribute packets (photo IDs)
+ during export. This is useful when exporting to HKP keyservers
+ which do not understand attribute packets.
+
+ * New import option to repair during import the HKP keyserver
+ mangling multiple subkeys bug. Note that this cannot completely
+ repair the damaged key as some crucial data is removed by the
+ keyserver, but it does at least give you back one subkey. This
+ is on by default for keyserver --recv-keys, and off by default
+ for regular --import.
+
+ * The keyserver helper programs now live in
+ /usr/[local/]libexec/gnupg by default. If you are upgrading
+ from 1.0.7, you might want to delete your old copies in
+ /usr/[local/]bin. If you use an OS that does not use libexec
+ for whatever reason, use configure --libexecdir=/usr/local/lib
+ to place the keyserver helpers there.
+
+ * The LDAP keyserver handler now works properly with very old
+ (version 1) LDAP keyservers.
+
+
+Noteworthy changes in version 1.1.90 (2002-07-01)
+-------------------------------------------------
+
+ * New commands: --personal-cipher-preferences,
+ --personal-digest-preferences, and
+ --personal-compress-preferences allow the user to specify which
+ algorithms are to be preferred. Note that this does not permit
+ using an algorithm that is not present in the recipient's
+ preferences (which would violate the OpenPGP standard). This
+ just allows sorting the preferences differently.
+
+ * New "group" command to refer to several keys with one name.
+
+ * A warning is issued if the user forces the use of an algorithm
+ that is not listed in the recipient's preferences.
+
+ * Full revocation key (aka "designated revoker") support.
+
+ * The preferred hash algorithms on a key are consulted when
+ encrypting a signed message to that key. Note that this is
+ disabled by default by a SHA1 preference in
+ --personal-digest-preferences.
+
+ * --cert-digest-algo allows the user to specify the hash algorithm
+ to use when signing a key rather than the default SHA1 (or MD5
+ for PGP2 keys). Do not use this feature unless you fully
+ understand the implications of this.
+
+ * --pgp7 mode automatically sets all necessary options to ensure
+ that the resulting message will be usable by a user of PGP 7.x.
+
+ * New --attribute-fd command for frontends and scripts to get the
+ contents of attribute packets (i.e. photos)
+
+ * In expert mode, the user can now re-sign a v3 key with a v4
+ self-signature. This does not change the v3 key into a v4 key,
+ but it does allow the user to use preferences, primary ID flags,
+ etc.
+
+ * Significantly improved photo ID support on non-unixlike
+ platforms.
+
+ * The version number has jumped ahead to 1.1.90 to skip over the
+ old version 1.1 and to get ready for the upcoming 1.2.
+
+ * ElGamal sign and encrypt is not anymore allowed in the key
+ generation dialog unless in expert mode. RSA sign and encrypt
+ has been added with the same restrictions.
+
+ * [W32] Keyserver access does work with Windows NT.
+
+
+Noteworthy changes in version 1.0.7 (2002-04-29)
+------------------------------------------------
+
+ * Secret keys are now stored and exported in a new format which
+ uses SHA-1 for integrity checks. This format renders the
+ Rosa/Klima attack useless. Other OpenPGP implementations might
+ not yet support this, so the option --simple-sk-checksum creates
+ the old vulnerable format.
+
+ * The default cipher algorithm for encryption is now CAST5,
+ default hash algorithm is SHA-1. This will give us better
+ interoperability with other OpenPGP implementations.
+
+ * Symmetric encrypted messages now use a fixed file size if
+ possible. This is a tradeoff: it breaks PGP 5, but fixes PGP 2,
+ 6, and 7. Note this was only an issue with RFC-1991 style
+ symmetric messages.
+
+ * Photographic user ID support. This uses an external program to
+ view the images.
+
+ * Enhanced keyserver support via keyserver "plugins". GnuPG comes
+ with plugins for the NAI LDAP keyserver as well as the HKP email
+ keyserver. It retains internal support for the HKP HTTP
+ keyserver.
+
+ * Nonrevocable signatures are now supported. If a user signs a
+ key nonrevocably, this signature cannot be taken back so be
+ careful!
+
+ * Multiple signature classes are usable when signing a key to
+ specify how carefully the key information (fingerprint, photo
+ ID, etc) was checked.
+
+ * --pgp2 mode automatically sets all necessary options to ensure
+ that the resulting message will be usable by a user of PGP 2.x.
+
+ * --pgp6 mode automatically sets all necessary options to ensure
+ that the resulting message will be usable by a user of PGP 6.x.
+
+ * Signatures may now be given an expiration date. When signing a
+ key with an expiration date, the user is prompted whether they
+ want their signature to expire at the same time.
+
+ * Revocation keys (designated revokers) are now supported if
+ present. There is currently no way to designate new keys as
+ designated revokers.
+
+ * Permissions on the .gnupg directory and its files are checked
+ for safety.
+
+ * --expert mode enables certain silly things such as signing a
+ revoked user id, expired key, or revoked key.
+
+ * Some fixes to build cleanly under Cygwin32.
+
+ * New tool gpgsplit to split OpenPGP data formats into packets.
+
+ * New option --preserve-permissions.
+
+ * Subkeys created in the future are not used for encryption or
+ signing unless the new option --ignore-valid-from is used.
+
+ * Revoked user-IDs are not listed unless signatures are listed too
+ or we are in verbose mode.
+
+ * There is no default comment string with ascii armors anymore
+ except for revocation certificates and --enarmor mode.
+
+ * The command "primary" in the edit menu can be used to change the
+ primary UID, "setpref" and "updpref" can be used to change the
+ preferences.
+
+ * Fixed the preference handling; since 1.0.5 they were erroneously
+ matched against against the latest user ID and not the given one.
+
+ * RSA key generation.
+
+ * Merged Stefan's patches for RISC OS in. See comments in
+ scripts/build-riscos.
+
+ * It is now possible to sign and conventional encrypt a message (-cs).
+
+ * The MDC feature flag is supported and can be set by using
+ the "updpref" edit command.
+
+ * The status messages GOODSIG and BADSIG are now returning the primary
+ UID, encoded using %XX escaping (but with spaces left as spaces,
+ so that it should not break too much)
+
+ * Support for GDBM based keyrings has been removed.
+
+ * The entire keyring management has been revamped.
+
+ * The way signature stati are store has changed so that v3
+ signatures can be supported. To increase the speed of many
+ operations for existing keyrings you can use the new
+ --rebuild-keydb-caches command.
+
+ * The entire key validation process (trustdb) has been revamped.
+ See the man page entries for --update-trustdb, --check-trustdb
+ and --no-auto-check-trustdb.
+
+ * --trusted-keys is again obsolete, --edit can be used to set the
+ ownertrust of any key to ultimately trusted.
+
+ * A subkey is never used to sign keys.
+
+ * Read only keyrings are now handled as expected.
+
+
+Noteworthy changes in version 1.0.6 (2001-05-29)
+------------------------------------------------
+
+ * Security fix for a format string bug in the tty code.
+
+ * Fixed format string bugs in all PO files.
+
+ * Removed Russian translation due to too many bugs. The FTP
+ server has an unofficial but better translation in the contrib
+ directory.
+
+ * Fixed expire time calculation and keyserver access.
+
+ * The usual set of minor bug fixes and enhancements.
+
+ * non-writable keyrings are now correctly handled.
+
+
+Noteworthy changes in version 1.0.5 (2001-04-29)
+------------------------------------------------
+
+ * WARNING: The semantics of --verify have changed to address a
+ problem with detached signature detection. --verify now ignores
+ signed material given on stdin unless this is requested by using
+ a "-" as the name for the file with the signed material. Please
+ check all your detached signature handling applications and make
+ sure that they don't pipe the signed material to stdin without
+ using a filename together with "-" on the the command line.
+
+ * WARNING: Corrected hash calculation for input data larger than
+ 512M - it was just wrong, so you might notice bad signature in
+ some very big files. It may be wise to keep an old copy of
+ GnuPG around.
+
+ * Secret keys are no longer imported unless you use the new option
+ --allow-secret-key-import. This is a kludge and future versions will
+ handle it in another way.
+
+ * New command "showpref" in the --edit-key menu to show an easier
+ to understand preference listing.
+
+ * There is now the notation of a primary user ID. For example, it
+ is printed with a signature verification as the first user ID;
+ revoked user IDs are not printed there anymore. In general the
+ primary user ID is the one with the latest self-signature.
+
+ * New --charset=utf-8 to bypass all internal conversions.
+
+ * Large File Support (LFS) is now working.
+
+ * New options: --ignore-crc-error, --no-sig-create-check,
+ --no-sig-cache, --fixed-list-mode, --no-expensive-trust-checks,
+ --enable-special-filenames and --use-agent. See man page.
+
+ * New command --pipemode, which can be used to run gpg as a
+ co-process. Currently only the verification of detached
+ signatures are working. See doc/DETAILS.
+
+ * Keyserver support for the W32 version.
+
+ * Rewritten key selection code so that GnuPG can better cope with
+ multiple subkeys, expire dates and so. The drawback is that it
+ is slower.
+
+ * A whole lot of bug fixes.
+
+ * The verification status of self-signatures are now cached. To
+ increase the speed of key list operations for existing keys you
+ can do the following in your GnuPG homedir (~/.gnupg):
+ cp pubring.gpg pubring.gpg.save && gpg --export-all >x && \
+ rm pubring.gpg && gpg --import x
+ Only v4 keys (i.e not the old RSA keys) benefit from this caching.
+
+ * New translations: Estonian, Turkish.
+
+
+Noteworthy changes in version 1.0.4 (2000-10-17)
+------------------------------------------------
+
+ * Fixed a serious bug which could lead to false signature verification
+ results when more than one signature is fed to gpg. This is the
+ primary reason for releasing this version.
+
+ * New utility gpgv which is a stripped down version of gpg to
+ be used to verify signatures against a list of trusted keys.
+
+ * Rijndael (AES) is now supported and listed with top preference.
+
+ * --with-colons now works with --print-md[s].
+
+Noteworthy changes in version 1.0.3 (2000-09-18)
+------------------------------------------------
+
+ * Fixed problems with piping to/from other MS-Windows software
+
+ * Expiration time of the primary key can be changed again.
+
+ * Revoked user IDs are now marked in the output of --list-key
+
+ * New options --show-session-key and --override-session-key
+ to help the British folks to somewhat minimize the danger
+ of this Orwellian RIP bill.
+
+ * New options --merge-only and --try-all-secrets.
+
+ * New configuration option --with-egd-socket.
+
+ * The --trusted-key option is back after it left us with 0.9.5
+
+ * RSA is supported. Key generation does not yet work but will come
+ soon.
+
+ * CAST5 and SHA-1 are now the default algorithms to protect the key
+ and for symmetric-only encryption. This should solve a couple
+ of compatibility problems because the old algorithms are optional
+ according to RFC2440
+
+ * Twofish and MDC enhanced encryption is now used. PGP 7 supports
+ this. Older versions of GnuPG don't support it, so they should be
+ upgraded to at least 1.0.2
+
+
+Noteworthy changes in version 1.0.2 (2000-07-12)
+----------------------------------------------
+
+ * Fixed expiration handling of encryption keys.
+
+ * Add an experimental feature to do unattended key generation.
+
+ * The user is now asked for the reason of revocation as required
+ by the new OpenPGP draft.
+
+ * There is a ~/.gnupg/random_seed file now which saves the
+ state of the internal RNG and increases system performance
+ somewhat. This way the full entropy source is only used in
+ cases were it is really required.
+ Use the option --no-random-seed-file to disable this feature.
+
+ * New options --ignore-time-conflict and --lock-never.
+
+ * Some fixes for the W32 version.
+
+ * The entropy.dll is not anymore used by the W32 version but replaced
+ by code derived from Cryptlib.
+
+ * Encryption is now much faster: About 2 times for 1k bit keys
+ and 8 times for 4k keys.
+
+ * New encryption keys are generated in a way which allows a much
+ faster decryption.
+
+ * New command --export-secret-subkeys which outputs the
+ the _primary_ key with it's secret parts deleted. This is
+ useful for automated decryption/signature creation as it
+ allows to keep the real secret primary key offline and
+ thereby protecting the key certificates and allowing to
+ create revocations for the subkeys. See the FAQ for a
+ procedure to install such secret keys.
+
+ * Keygeneration now writes to the first writeable keyring or
+ as default to the one in the homedirectory. Prior versions
+ ignored all --keyring options.
+
+ * New option --command-fd to take user input from a file descriptor;
+ to be used with --status-fd by software which uses GnuPG as a backend.
+
+ * There is a new status PROGRESS which is used to show progress during
+ key generation.
+
+ * Support for the new MDC encryption packets. To create them either
+ --force-mdc must be use or cipher algorithm with a blocksize other
+ than 64 bits is to be used. --openpgp currently disables MDC packets
+ entirely. This option should not yet be used.
+
+ * New option --no-auto-key-retrieve to disable retrieving of
+ a missing public key from a keyserver, when a keyserver has been set.
+
+ * Danish translation
+
+Noteworthy changes in version 1.0.1 (1999-12-16)
+-----------------------------------
+
+ * New command --verify-files. New option --fast-list-mode.
+
+ * $http_proxy is now used when --honor-http-proxy is set.
+
+ * Fixed some minor bugs and the problem with conventional encrypted
+ packets which did use the gpg v3 partial length headers.
+
+ * Add Indonesian and Portugese translations.
+
+ * Fixed a bug with symmetric-only encryption using the non-default 3DES.
+ The option --emulate-3des-s2k-bug may be used to decrypt documents
+ which have been encrypted this way; this should be done immediately
+ as this workaround will be remove in 1.1
+
+ * Can now handle (but not display) PGP's photo IDs. I don't know the
+ format of that packet but after stripping a few bytes from the start
+ it looks like a JPEG (at least my test data). Handling of this
+ package is required because otherwise it would mix up the
+ self signatures and you can't import those keys.
+
+ * Passing non-ascii user IDs on the commandline should now work in all
+ cases.
+
+ * New keys are now generated with an additional preference to Blowfish.
+
+ * Removed the GNU Privacy Handbook from the distribution as it will go
+ into a separate one.
+
+
+Noteworthy changes in version 1.0.0 (1999-09-07)
+-----------------------------------
+
+ * Add a very preliminary version of the GNU Privacy Handbook to
+ the distribution (lynx doc/gph/index.html).
+
+ * Changed the version number to GnuPG 2001 ;-)
+
+
+Noteworthy changes in version 0.9.11 (1999-09-03)
+------------------------------------
+
+ * UTF-8 strings are now correctly printed (if --charset is set correctly).
+ Output of --with-colons remains C-style escaped UTF-8.
+
+ * Workaround for a problem with PGP 5 detached signature in textmode.
+
+ * Fixed a problem when importing new subkeys (duplicated signatures).
+
+
+Noteworthy changes in version 0.9.10 (1999-07-23)
+------------------------------------
+
+ * Some strange new options to help pgpgpg
+
+ * Cleaned up the dox a bit.
+
+
+Noteworthy changes in version 0.9.9
+-----------------------------------
+
+ * New options --[no-]utf8-strings.
+
+ * New edit-menu commands "enable" and "disable" for entire keys.
+
+ * You will be asked for a filename if gpg cannot deduce one.
+
+ * Changes to support libtool which is needed for the development
+ of libgcrypt.
+
+ * New script tools/lspgpot to help transferring assigned
+ trustvalues from PGP to GnuPG.
+
+ * New commands --lsign-key and made --sign-key a shortcut for --edit
+ and sign.
+
+ * New options (#122--126 ;-) --[no-]default-recipient[-self],
+ --disable-{cipher,pubkey}-algo. See the man page.
+
+ * Enhanced info output in case of multiple recipients and fixed exit code.
+
+ * New option --allow-non-selfsigned-uid to work around a problem with
+ the German IN way of separating signing and encryption keys.
+
+
+Noteworthy changes in version 0.9.8 (1999-06-26)
+-----------------------------------
+
+ * New subcommand "delsig" in the edit menu.
+
+ * The name of the output file is not anymore the one which is
+ embedded in the processed message, but the used filename with
+ the extension stripped. To revert to the old behaviour you can
+ use the option --use-embedded-filename.
+
+ * Another hack to cope with pgp2 generated detached signatures.
+
+ * latin-2 character set works (--charset=iso-8859-2).
+
+ * New option --with-key-data to list the public key parameters.
+ New option -N to insert notations and a --set-policy-url.
+ A couple of other options to allow reseting of options.
+
+ * Better support for HPUX.
+
+
+Noteworthy changes in version 0.9.7 (1999-05-23)
+-----------------------------------
+
+ * Add some work arounds for a bugs in pgp 2 which led to bad signatures
+ when used with canonical texts in some cases.
+
+ * Enhanced some status outputs.
+
+
+Noteworthy changes in version 0.9.6 (1999-05-06)
+-----------------------------------
+
+ * Twofish is now statically linked by default. The experimental 128 bit
+ version is now disabled. Full support will be available as soon as
+ the OpenPGP WG has decided on an interpretation of rfc2440.
+
+ * Dropped support for the ancient Blowfish160 which is not OpenPGP.
+
+ * Merged gpgm and gpg into one binary.
+
+ * Add "revsig" and "revkey" commands to the edit menu. It is now
+ possible to revoke signature and subkeys.
+
+
+Noteworthy changes in version 0.9.5 (1999-03-20)
+-----------------------------------
+
+ * New command "lsign" in the keyedit menu to create non-exportable
+ signatures. Removed --trusted-keys option.
+
+ * A bunch of changes to the key validation code.
+
+ * --list-trust-path now has an optional --with-colons format.
+
+ * New command --recv-keys to import keys from an keyserver.
+
+
+Noteworthy changes in version 0.9.4 (1999-03-08)
+-----------------------------------
+
+ * New configure option --enable-static-rnd=[egd|linux|unix|none]
+ to select a random gathering module for static linking.
+
+ * The original text is now verbatim copied to a cleartext signed message.
+
+ * Bugfixes but there are still a couple of bugs.
+
+
+Noteworthy changes in version 0.9.3 (1999-02-19)
+-----------------------------------
+
+ * Changed the internal design of getkey which now allows a
+ efficient lookup of multiple keys and add a word match mode.
+
+ * New options --[no-]encrypt-to.
+
+ * Some changes to the configure stuff. Switched to automake 1.4.
+ Removed intl/ from CVS, autogen.sh now uses gettextize.
+
+ * Preferences now include Twofish. Removed preference to Blowfish with
+ a special hack to suppress the "not listed in preferences" warning;
+ this is to allow us to switch completely to Twofish in the near future.
+
+ * Changed the locking stuff.
+
+ * Print all user ids of a good signature.
+
+
+Noteworthy changes in version 0.9.2 (1999-01-01)
+-----------------------------------
+
+ * add some additional time warp checks.
+
+ * Option --keyserver and command --send-keys to utilize HKP servers.
+
+ * Upgraded to zlib 1.1.3 and fixed an inflate bug
+
+ * More cleanup on the cleartext signatures.
+
+
+Noteworthy changes in version 0.9.1 (1999-01-01)
+-----------------------------------
+
+ * Polish language support.
+
+ * When querying the passphrase, the key ID of the primary key is
+ displayed along with the one of the used secondary key.
+
+ * Fixed a bug occurring when decrypting pgp 5 encrypted messages,
+ fixed an infinite loop bug in the 3DES code and in the code
+ which looks for trusted signatures.
+
+ * Fixed a bug in the mpi library which caused signatures not to
+ compare okay.
+
+ * Rewrote the handling of cleartext signatures; the code is now
+ better maintainable (I hope so).
+
+ * New status output VALIDSIG only for valid signatures together
+ with the fingerprint of the signer's key.
+
+
+Noteworthy changes in version 0.9.0 (1998-12-23)
+-----------------------------------
+
+ * --export does now only exports rfc2440 compatible keys; the
+ old behaviour is available with --export-all.
+ Generation of v3 ElGamal (sign and encrypt) keys is not longer
+ supported.
+
+ * Fixed the uncompress bug.
+
+ * Rewrote the rndunix module. There are two environment variables
+ used for debugging now: GNUPG_RNDUNIX_DBG give the file to write
+ debugging information (use "-" for stdout) and if GNUPG_RNDUNIX_DBGALL
+ is set, all programs which are only tried are also printed.
+
+ * New option --escape-from-lines to "dash-escape" "From " lines to
+ prevent mailers to change them to ">From ". This is not enabled by
+ default because it is not in compliance with rfc2440 - however, you
+ should turn it on.
+
+
+Noteworthy changes in version 0.4.5 (1998-12-08)
+-----------------------------------
+
+ * The keyrings and the trustdb is now locked, so that
+ other GnuPG processes won't damage these files. You
+ may want to put the option --lock-once into your options file.
+
+ * The latest self-signatures are now used; this enables --import
+ to see updated preferences etc.
+
+ * Import of subkeys should now work.
+
+ * Random gathering modules may now be loaded as extensions. Add
+ such a module for most Unices but it is very experimental!
+
+ * Brazilian language support.
+
+
+Noteworthy changes in version 0.4.4 (1998-11-20)
+-----------------------------------
+
+ * Fixed the way the key expiration time is stored. If you have
+ an expiration time on your key you should fix it with --edit-key
+ and the command "expire". I apologize for this inconvenience.
+
+ * Add option --charset to support "koi8-r" encoding of user ids.
+ (Not yet tested).
+
+ * Preferences should now work again. You should run
+ "gpgm --check-trustdb \*" to rebuild all preferences.
+
+ * Checking of certificates should now work but this needs a lot
+ of testing. Key validation values are now cached in the
+ trustdb; they should be recalculated as needed, but you may
+ use --check-trustdb or --update-trustdb to do this.
+
+ * Spanish translation by Urko Lusa.
+
+ * Patch files are from now on signed. See the man page
+ for the new option --not-dash-escaped.
+
+ * New syntax: --edit-key <userID> [<commands>]
+ If you run it without --batch the commands are executed and then
+ you are put into normal mode unless you use "quit" or "save" as
+ one of the commands. When in batch mode, the program quits after
+ the last command, so you have to use "save" if you did some changes.
+ It does not yet work completely, but may be used to list so the
+ keys etc.
+
+
+Noteworthy changes in version 0.4.3 (1998-11-08)
+-----------------------------------
+
+ * Fixed the gettext configure bug.
+
+ * Kludge for RSA keys: keyid and length of a RSA key are
+ correctly reported, but you get an error if you try to use
+ this key (If you do not have the non-US version).
+
+ * Experimental support for keyrings stored in a GDBM database.
+ This is *much* faster than a standard keyring. You will notice
+ that the import gets slower with time; the reason is that all
+ new keys are used to verify signatures of previous inserted
+ keys. Use "--keyring gnupg-gdbm:<name-of-gdbm-file>". This is
+ not (yet) supported for secret keys.
+
+ * A Russian language file in the distribution (alternatives are in
+ the contrib directory of the FTP servers)
+
+ * commandline option processing now works as expected for GNU programs
+ with the exception that you can't mix options and normal arguments.
+
+ * Now --list-key lists all matching keys. This is needed in some
+ other places too.
+
+
+Noteworthy changes in version 0.4.2 (1998-10-18)
+-----------------------------------
+
+ * This is only a snapshot: There are still a few bugs.
+
+ * Fixed this huge memory leak.
+
+ * Redesigned the trust database: You should run "gpgm --check-trustdb".
+ New command --update-trustdb, which adds new key from the public
+ keyring into your trustdb
+
+ * Fixed a bug in the armor code, leading to invalid packet errors.
+ (a workaround for this was to use --no-armor). The shorten line
+ length (64 instead of 72) fixes a problem with pgp5 and keyservers.
+
+ * comment packets are not anymore generated. "--export" filters
+ them out. One Exception: The comment packets in a secret keyring
+ are still used because they carry the factorization of the public
+ prime product.
+
+ * --import now only looks for KEYBLOCK headers, so you can now simply
+ remove the "- " in front of such a header if someone accidently signed
+ such a message or the keyblock is part of a cleartext signed message.
+
+ * --with-colons now lists the key expiration time and not anymore
+ the valid period.
+
+ * Some keyblocks created with old releases have a wrong sequence
+ of packets, so that the keyservers don't accept these keys.
+ Simply using "--edit-key" fixes the problem.
+
+ * New option --force-v3-sigs to generate signed messages which are
+ compatible to PGP 5.
+
+ * Add some code to support DLD (for non ELF systems) - but this is
+ not tested because my BSD box is currently broken.
+
+ * New command "expire" in the edit-key menu.
+
+
+
+Noteworthy changes in version 0.4.1 (1998-10-07)
+-----------------------------------
+
+ * A secondary key is used when the primary key is specified but cannot
+ be used for the operation (if it is a sign-only key).
+
+ * GNUPG can now handle concatenated armored messages: There is still a
+ bug if different kinds of messages are mixed.
+
+ * Iterated+Salted passphrases now work. If want to be sure that PGP5
+ is able to handle them you may want to use the options
+ "--s2k-mode 3 --s2k-cipher-algo cast5 --s2k-digest-algo sha1"
+ when changing a passphrase.
+
+ * doc/OpenPGP talks about OpenPGP compliance, doc/HACKING gives
+ a few hints about the internal structure.
+
+ * Checked gnupg against the August 1998 draft (07) and I believe
+ it is in compliance with this document (except for one point).
+
+ * Fixed some bugs in the import merging code and rewrote some
+ code for the trustdb.
+
+
+Noteworthy changes in version 0.4.0 (1998-09-18)
+-----------------------------------
+
+ * Triple DES is now supported. Michael Roth did this piece of
+ needed work. We have now all the coded needed to be OpenPGP
+ compliant.
+
+ * Added a simple rpm spec file (see INSTALL).
+
+ * detached and armored signatures are now using "PGP SIGNATURE",
+ except when --rfc1991 is used.
+
+ * All times which are not in the yyyy-mm-dd format are now printed
+ in local time.
+
+
+Noteworthy changes in version 0.3.5 (1998-09-14)
+-----------------------------------
+
+ * New option --throw-keyid to create anonymous enciphered messages.
+ If gpg detects such a message it tires all available secret keys
+ in turn so decode it. This is a gnupg extension and not in OpenPGP
+ but it has been discussed there and afaik some products use this
+ scheme too (Suggested by Nimrod Zimmerman).
+
+ * Fixed a bug with 5 byte length headers.
+
+ * --delete-[secret-]key is now also available in gpgm.
+
+ * cleartext signatures are not anymore converted to LF only.
+
+ * Fixed a trustdb problem. Run "gpgm --check-trustdb" to fix old
+ trust dbs.
+
+ * Building in another directory should now work.
+
+ * Weak key detection mechanism (Niklas Hernaeus).
+
+
+Noteworthy changes in version 0.3.4 (1998-08-11)
+-----------------------------------
+
+ * New options --comment and --set-filename; see g10/OPTIONS
+
+ * yes/no, y/n localized.
+
+ * Fixed some bugs.
+
+
+Noteworthy changes in version 0.3.3 (1998-08-08)
+-----------------------------------
+
+ * IMPORTANT: I found yet another bug in the way the secret keys
+ are encrypted - I did it the way pgp 2.x did it, but OpenPGP
+ and pgp 5.x specify another (in some aspects simpler) method.
+ To convert your secret keys you have to do this:
+ 1. Build the new release but don't install it and keep
+ a copy of the old program.
+ 2. Disable the network, make sure that you are the only
+ user, be sure that there are no Trojan horses etc ....
+ 3. Use your old gpg (version 0.3.[12]) and set the
+ passphrases of ALL your secret keys to empty!
+ (gpg --change-passphrase your-user-id).
+ 4. Save your ownertrusts (see the next point)
+ 5. rm ~/.gnupg/trustdb.gpg
+ 6. install the new version of gpg (0.3.3)
+ 7. For every secret key call "gpg --edit-key your-user-id",
+ enter "passwd" at the prompt, follow the instructions and
+ change your password back, enter "save" to store it.
+ 8. Restore the ownertrust (see next point).
+
+ * The format of the trust database has changed; you must delete
+ the old one, so gnupg can create a new one.
+ IMPORTANT: Use version 0.3.[12] to save your assigned ownertrusts
+ ("gpgm --list-ownertrust >saved-trust"); then build this new version
+ and restore the ownertrust with this new version
+ ("gpgm --import-ownertrust saved-trust"). Please note that
+ --list-ownertrust has been renamed to --export-ownertrust in this
+ release and it does now only export defined ownertrusts.
+
+ * The command --edit-key now provides a commandline driven menu
+ which can be used for various tasks. --sign-key is only an
+ an alias to --edit-key and maybe removed in future: use the
+ command "sign" of this new menu - you can select which user ids
+ you want to sign.
+
+ * Alternate user ids can now be created an signed.
+
+ * Owner trust values can now be changed with --edit-key (trust)
+
+ * GNUPG can now run as a coprocess; this enables sophisticated
+ frontends. tools/shmtest.c is a simple sample implementation.
+ This needs some more work: all tty_xxx() are to be replaced
+ by cpr_xxx() and some changes in the display logics is needed.
+
+ * Removed options --gen-prime and --gen-random.
+
+ * Removed option --add-key; use --edit-key instead.
+
+ * Removed option --change-passphrase; use --edit-key instead.
+
+ * Signatures are now checked even if the output file could not
+ be created. Command "--verify" tries to find the detached data.
+
+ * gpg now disables core dumps.
+
+ * compress and symmetric cipher preferences are now used.
+ Because there is no 3DES yet, this is replaced by Blowfish.
+
+ * We have added the Twofish as an experimental cipher algorithm.
+ Many thanks to Matthew Skala for doing this work.
+ Twofish is the AES submission from Schneier et al.; see
+ "www.counterpane.com/twofish.html" for more information.
+
+ * Started with a help system: If you enter a question mark at some
+ prompt; you should get a specific help for this prompt.
+
+ * There is no more backup copy of the secret keyring.
+
+ * A lot of new bugs. I think this release is not as stable as
+ the previous one.
+
+
+Noteworthy changes in version 0.3.2 (1998-07-09)
+-----------------------------------
+
+ * Fixed some bugs when using --textmode (-seat)
+
+ * Now displays the trust status of a positive verified message.
+
+ * Keyrings are now scanned in the sequence they are added with
+ --[secret-]keyring. Note that the default keyring is implicitly
+ added as the very first one unless --no-default-keyring is used.
+
+ * Fixed setuid and dlopen bug.
+
+
+Noteworthy changes in version 0.3.1 (1998-07-06)
+-----------------------------------
+
+ * Partial headers are now written in the OpenPGP format if
+ a key in a v4 packet is used.
+
+ * Removed some unused options, removed the gnupg.sig stuff.
+
+ * Key lookup by name now returns a key which can be used for
+ the desired action.
+
+ * New options --list-ownertrust (gpgm) to make a backup copy
+ of the ownertrust values you assigned.
+
+ * clear signature headers are now in compliance with OpenPGP.
+
+
+Noteworthy changes in version 0.3.0 (1998-06-25)
+-----------------------------------
+
+ * New option --emulate-checksum-bug. If your passphrase does not
+ work anymore, use this option and --change-passphrase to rewrite
+ your passphrase.
+
+ * More complete v4 key support: Preferences and expiration time
+ is set into the self signature.
+
+ * Key generation defaults to DSA/ElGamal keys, so that new keys are
+ interoperable with pgp5
+
+ * DSA key generation is faster and key generation does not anymore
+ remove entropy from the random generator (the primes are public
+ parameters, so there is really no need for a cryptographic secure
+ prime number generator which we had used).
+
+ * A complete new structure for representing the key parameters.
+
+ * Removed most public key knowledge into the cipher library.
+
+ * Support for dynamic loading of new algorithms.
+
+ * Moved tiger to an extension module.
+
+
+Noteworthy changes in version 0.2.19 (1998-05-29)
+------------------------------------
+
+ * Replaced /dev/urandom in checks with new tool mk-tdata.
+
+ * Some assembler file cleanups; some more functions for the Alpha.
+
+ * Tiger has now the OpenPGP assigned number 6. Because the OID has
+ changed, old signatures using this algorithm can't be verified.
+
+ * gnupg now encrypts the compressed packed and not any longer in the
+ reverse order; anyway it can decrypt both versions. Thanks to Tom
+ for telling me this (not security related) bug.
+
+ * --add-key works and you are now able to generate subkeys.
+
+ * It is now possible to generate ElGamal keys in v4 packets to create
+ valid OpenPGP keys.
+
+ * Some new features for better integration into MUAs.
+
+
+Noteworthy changes in version 0.2.18 (1998-05-15)
+------------------------------------
+
+ * Splitted cipher/random.c, add new option "--disable-dev-random"
+ to configure to support the development of a random source for
+ other systems. Prepared sourcefiles rand-unix.c, rand-w32.c
+ and rand-dummy.c (which is used to allow compilation on systems
+ without a random source).
+
+ * Fixed a small bug in the key generation (it was possible that 48 bits
+ of a key were not taken from the random pool)
+
+ * Add key generation for DSA and v4 signatures.
+
+ * Add a function trap_unaligned(), so that a SIGBUS is issued on
+ Alphas and not the slow emulation code is used. And success: rmd160
+ raised a SIGBUS.
+
+ * Enhanced the formatting facility of argparse and changed the use of
+ \r,\v to @ because gettext does not like it.
+
+ * New option "--compress-algo 1" to allow the creation of compressed
+ messages which are readable by PGP and "--print-md" (gpgm) to make
+ speed measurement easier.
+
+
+Noteworthy changes in version 0.2.17 (1998-05-04)
+------------------------------------
+
+ * Comment packets are now of private type 61.
+
+ * Passphrase code still used a 160 bit blowfish key, added a
+ silly workaround. Please change your passphrase again - sorry.
+
+ * Conventional encryption now uses a type 3 packet to describe the
+ used algorithms.
+
+ * The new algorithm number for Blowfish is 20, 16 is still used for
+ encryption only; for signing it is only used when it is in a v3 packet,
+ so that GNUPG keys are still valid.
+
+
+Noteworthy changes in version 0.2.16 (1998-04-28)
+------------------------------------
+
+ * Add experimental support for the TIGER/192 message digest algorithm.
+ (But there is only a dummy ASN OID).
+
+ * Standard cipher is now Blowfish with 128 bit key in OpenPGP's CFB
+ mode. I renamed the old cipher to Blowfish160. Because the OpenPGP
+ group refused to assign me a number for Blowfish160, I have to
+ drop support for this in the future. You should use
+ "--change-passphrase" to recode your current passphrase with 128
+ bit Blowfish.
+
+
+Noteworthy changes in version 0.2.15 (1998-04-09)
+------------------------------------
+
+ * Fixed a bug with the old checksum calculation for secret keys.
+ If you run the program without --batch, a warning does inform
+ you if your secret key needs to be converted; simply use
+ --change-passphrase to recalculate the checksum. Please do this
+ soon, as the compatible mode will be removed sometime in the future.
+
+ * CAST5 works (using the PGP's special CFB mode).
+
+ * Again somewhat more PGP 5 compatible.
+
+ * Some new test cases
+
+Noteworthy changes in version 0.2.14 (1998-04-02)
+------------------------------------
+
+ * Changed the internal handling of keyrings.
+
+ * Add support to list PGP 5 keyrings with subkeys
+
+ * Timestamps of signatures are now verified.
+
+ * A expiration time can now be specified during key generation.
+
+ * Some speedups for Blowfish and SHA-1, rewrote SHA-1 transform.
+ Reduced the amount of random bytes needed for key generation in
+ some cases.
+
+
+Noteworthy changes in version 0.2.13 (1998-03-10)
+------------------------------------
+
+ * Verify of DSA signatures works.
+
+ * Re-implemented the slower random number generator.
+
+
+Noteworthy changes in version 0.2.12 (1998-03-07)
+------------------------------------
+
+ * --delete-key checks that there is no secret key. The new
+ option --delete-secret-key maybe used to delete a secret key.
+
+ * "-kv" now works as expected. Options "--list-{keys,sigs]"
+ and "--check-sigs" are now working.
+
+ * New options "--verify" and "--decrypt" to better support integration
+ into MUAs (partly done for Mutt).
+
+ * New option "--with-colons" to make parsing of key lists easier.
+
+Noteworthy changes in version 0.2.11 (1998-03-02)
+------------------------------------
+
+ * GPG now asks for a recipient's name if option "-r" is not used.
+
+ * If there is no good trust path, the program asks whether to use
+ the public keys anyway.
+
+ * "--delete-key" works for public keys. What semantics shall I use
+ when there is a secret key too? Delete the secret key or leave him
+ and auto-regenerate the public key, next time the secret key is used?
+
+Noteworthy changes in version 0.2.10 (1998-02-27)
+------------------------------------
+
+ * Code for the alpha is much faster (about 20 times); the data
+ was misaligned and the kernel traps this, so nearly all time
+ was used by system to trap the misalignments and to write
+ syslog messages. Shame on me and thanks to Ralph for
+ pointing me at this while drinking some beer yesterday.
+
+ * Changed some configure options and add an option
+ --disable-m-guard to remove the memory checking code
+ and to compile everything with optimization on.
+
+ * New environment variable GNUPGHOME, which can be used to set
+ another homedir than ~/.gnupg. Changed default homedir for
+ Windoze version to c:/gnupg.
+
+ * Fixed detached signatures; detached PGP signatures caused a SEGV.
+
+ * The Windoze version works (as usual w/o a strong RNG).
+
+
+Noteworthy changes in version 0.2.9 (1998-02-26)
+-----------------------------------
+
+ * Fixed FreeBSD bug.
+
+ * Added a simple man page.
+
+ * Switched to automake1.2f and a newer gettext.
+
+Noteworthy changes in version 0.2.8 (1998-02-24)
+-----------------------------------
+
+ * Changed the name to GNUPG, the binaries are called gpg and gpgm.
+ You must rename rename the directory "~/.g10" to ~/.gnupg/, rename
+ {pub,sec}ring.g10 to {pub,sec}ring.gpg, trustdb.g10 to trustdb.gpg
+ and g10.sig to gnupg.sig.
+
+ * New or changed passphrases are now salted.
+
+
+Noteworthy changes in version 0.2.7 (1998-02-18)
+-----------------------------------
+
+ * New command "gen-revoke" to create a key revocation certificate.
+
+ * New option "homedir" to set the homedir (which defaults to "~/.g10").
+ This directory is created if it does not exists (only the last
+ part of the name and not the complete hierarchy)
+
+ * Command "import" works. (Try: "finger gcrypt@ftp.guug.de|g10 --import")
+
+ * New commands "dearmor/enarmor" for g10maint. These are mainly
+ used for internal test purposes.
+
+ * Option --version now conforming to the GNU standards and lists
+ the available ciphers, message digests and public key algorithms.
+
+ * Assembler code for m68k (not tested).
+
+ * "make check" works.
+
+Noteworthy changes in version 0.2.6 (1998-02-13)
+-----------------------------------
+
+ * Option "--export" works.
+
+
+Noteworthy changes in version 0.2.5 (1998-02-12)
+-----------------------------------
+
+ * Added zlib for systems which don't have it.
+ Use "./configure --with-zlib" to link with the static version.
+
+ * Generalized some more functions and rewrote the encoding of
+ message digests into MPIs.
+
+ * Enhanced the checkit script
+
+
+Noteworthy changes in version 0.2.4 (1998-02-11)
+-----------------------------------
+
+ * nearly doubled the speed of the ElGamal signature verification.
+
+ * backup copies of keyrings are created.
+
+ * assembler stuff for Pentium; gives about 15% better performance.
+
+ * fixed a lot of bugs.
+
+
+Noteworthy changes in version 0.2.3 (1998-02-09)
+-----------------------------------
+
+ * Found a bug in the calculation of ELG fingerprints. This is now
+ fixed, but all existing fingerprints and keyids for ELG keys
+ are not any more valid.
+
+ * armor should now work; including clear signed text.
+
+ * moved some options to the new program g10maint
+
+ * It's now 64 bit clean and runs fine on an alpha--linux.
+
+ * Key generation is much faster now. I fixed this by using not
+ so strong random number for the primes (this was a bug because the
+ ElGamal primes are public parameters and it does not make sense
+ to generate them from strong random). The real secret is the x value
+ which is still generated from strong (okay: /dev/random) random bits.
+
+ * added option "--status-fd": see g10/OPTIONS
+
+ * We have secure memory on systems which support mlock().
+ It is not complete yet, because we do not have signal handler
+ which does a cleanup in very case.
+ We should also check the ulimit for the user in the case
+ that the admin does not have set a limit on locked pages.
+
+ * started with internationalization support.
+
+ * The logic to handle the web of trust is now implemented. It is
+ has some bugs; but I'm going to change the algorithm anyway.
+ It works by calculating the trustlevel on the fly. It may ask
+ you to provide trust parameters if the calculated trust probability
+ is too low. I will write a paper which discusses this new approach.
+
+ * a couple of changes to the configure script.
+
+ * New option "--quick-random" which uses a much quicker random
+ number generator. Keys generated while this option is in effect
+ are flags with "INSECURE!" in the user-id. This is a development
+ only option.
+
+ * Read support for new version packets (OpenPGP).
+
+ * Comment packets are now of correct OpenPGP type 16. Old comment
+ packets written by G10 are detected because they always start with
+ a hash which is an invalid version byte.
+
+ * The string "(INSECURE!)" is appended to a new user-id if this
+ is generated on a system without a good random number generator.
+
+
+Version 0.2.2 (1998-02-09)
+Version 0.2.1 (1998-01-28)
+Version 0.2.0 (1998-01-25)
+Version 0.1.3 (1998-01-12)
+Version 0.1.2 (1998-01-07)
+Version 0.1.1 (1998-01-07)
+Version 0.1.0 (1998-01-05)
+Version 0.0.0 (1997-12-20)
+
+
+ Copyright (C) 1998-2015 Free Software Foundation, Inc.
+ Copyright (C) 1997-2015 Werner Koch
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
/* agent.h - Global definitions for the agent
* Copyright (C) 2001, 2002, 2003, 2005, 2011 Free Software Foundation, Inc.
+ * Copyright (C) 2015 g10 Code GmbH.
*
* This file is part of GnuPG.
*
int keep_tty; /* Don't switch the TTY (for pinentry) on request */
int keep_display; /* Don't switch the DISPLAY (for pinentry) on request */
- /* This global option enables the ssh-agent subsystem. */
- int ssh_support;
-
/* This global options indicates the use of an extra socket. Note
that we use a hack for cleanup handling in gpg-agent.c: If the
value is less than 2 the name has not yet been malloced. */
typedef int (*lookup_ttl_t)(const char *hexgrip);
+/* This is a special version of the usual _() gettext macro. It
+ assumes a server connection control variable with the name "ctrl"
+ and uses that to translate a string according to the locale set for
+ the connection. The macro LunderscoreIMPL is used by i18n to
+ actually define the inline function when needed. */
+#define L_(a) agent_Lunderscore (ctrl, (a))
+#define LunderscorePROTO \
+ static inline const char *agent_Lunderscore (ctrl_t ctrl, \
+ const char *string) \
+ GNUPG_GCC_ATTR_FORMAT_ARG(2);
+#define LunderscoreIMPL \
+ static inline const char * \
+ agent_Lunderscore (ctrl_t ctrl, const char *string) \
+ { \
+ return ctrl? i18n_localegettext (ctrl->lc_messages, string) \
+ /* */: gettext (string); \
+ }
+
+
/*-- gpg-agent.c --*/
void agent_exit (int rc) GPGRT_GCC_A_NR; /* Also implemented in other tools */
gpg_error_t agent_copy_startup_env (ctrl_t ctrl);
membuf_t *outbuf, int *r_padding);
/*-- genkey.c --*/
-int check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent);
+int check_passphrase_constraints (ctrl_t ctrl, const char *pw,
+ char **failed_constraint);
gpg_error_t agent_ask_new_passphrase (ctrl_t ctrl, const char *prompt,
char **r_passphrase);
int agent_genkey (ctrl_t ctrl, const char *cache_nonce,
Pinentries. An underscore indicates that the next letter
should be used as an accelerator. Double the underscore for
a literal one. The actual to be translated text starts after
- the second vertical bar. */
+ the second vertical bar. Note that gpg-agent has been set to
+ utf-8 so that the strings are in the expected encoding. */
{ "ok", N_("|pinentry-label|_OK") },
{ "cancel", N_("|pinentry-label|_Cancel") },
{ "yes", N_("|pinentry-label|_Yes") },
{
if (!opt.allow_external_cache && tbl[idx].what == 1)
continue; /* No need for it. */
- s = _(tbl[idx].value);
+ s = L_(tbl[idx].value);
if (*s == '|' && (s2=strchr (s+1,'|')))
s = s2+1;
if (asprintf (&optstr, "OPTION default-%s=%s", tbl[idx].key, s) < 0 )
else
{
percent = estimate_passphrase_quality (pin);
- if (check_passphrase_constraints (NULL, pin, 1))
+ if (check_passphrase_constraints (NULL, pin, NULL))
percent = -percent;
snprintf (numbuf, sizeof numbuf, "%d", percent);
rc = assuan_send_data (ctx, numbuf, strlen (numbuf));
/* Helper for agent_askpin and agent_get_passphrase. */
static int
-setup_qualitybar (void)
+setup_qualitybar (ctrl_t ctrl)
{
int rc;
char line[ASSUAN_LINELENGTH];
/* TRANSLATORS: This string is displayed by Pinentry as the label
for the quality bar. */
- tmpstr = try_percent_escape (_("Quality:"), "\t\r\n\f\v");
+ tmpstr = try_percent_escape (L_("Quality:"), "\t\r\n\f\v");
snprintf (line, DIM(line)-1, "SETQUALITYBAR %s", tmpstr? tmpstr:"");
line[DIM(line)-1] = 0;
xfree (tmpstr);
tooltip is limited to about 900 characters. If you do not
translate this entry, a default english text (see source)
will be used. */
- tooltip = _("pinentry.qualitybar.tooltip");
+ tooltip = L_("pinentry.qualitybar.tooltip");
if (!strcmp ("pinentry.qualitybar.tooltip", tooltip))
tooltip = ("The quality of the text entered above.\n"
"Please ask your administrator for "
if (!pininfo || pininfo->max_length < 1)
return gpg_error (GPG_ERR_INV_VALUE);
if (!desc_text && pininfo->min_digits)
- desc_text = _("Please enter your PIN, so that the secret key "
- "can be unlocked for this session");
+ desc_text = L_("Please enter your PIN, so that the secret key "
+ "can be unlocked for this session");
else if (!desc_text)
- desc_text = _("Please enter your passphrase, so that the secret key "
- "can be unlocked for this session");
+ desc_text = L_("Please enter your passphrase, so that the secret key "
+ "can be unlocked for this session");
if (prompt_text)
is_pin = !!strstr (prompt_text, "PIN");
return unlock_pinentry (rc);
snprintf (line, DIM(line)-1, "SETPROMPT %s",
- prompt_text? prompt_text : is_pin? "PIN:" : "Passphrase:");
+ prompt_text? prompt_text : is_pin? L_("PIN:") : L_("Passphrase:"));
line[DIM(line)-1] = 0;
rc = assuan_transact (entry_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
if (rc)
to the pinentry. */
if (pininfo->with_qualitybar && opt.min_passphrase_len )
{
- rc = setup_qualitybar ();
+ rc = setup_qualitybar (ctrl);
if (rc)
return unlock_pinentry (rc);
}
if (pininfo->with_repeat)
{
snprintf (line, DIM(line)-1, "SETREPEATERROR %s",
- _("does not match - try again"));
+ L_("does not match - try again"));
line[DIM(line)-1] = 0;
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
/* TRANSLATORS: The string is appended to an error message in
the pinentry. The %s is the actual error message, the
two %d give the current and maximum number of tries. */
- snprintf (line, DIM(line)-1, _("SETERROR %s (try %d of %d)"),
+ snprintf (line, DIM(line)-1, L_("SETERROR %s (try %d of %d)"),
errtext, pininfo->failed_tries+1, pininfo->max_tries);
line[DIM(line)-1] = 0;
rc = assuan_transact (entry_ctx, line,
if (pininfo->with_repeat)
{
- snprintf (line, DIM(line)-1, "SETREPEAT %s", _("Repeat:"));
+ snprintf (line, DIM(line)-1, "SETREPEAT %s", L_("Repeat:"));
line[DIM(line)-1] = 0;
rc = assuan_transact (entry_ctx, line,
NULL, NULL, NULL, NULL, NULL, NULL);
rc = gpg_err_make (gpg_err_source (rc), GPG_ERR_FULLY_CANCELED);
if (gpg_err_code (rc) == GPG_ERR_ASS_TOO_MUCH_DATA)
- errtext = is_pin? _("PIN too long")
- : _("Passphrase too long");
+ errtext = is_pin? L_("PIN too long")
+ : L_("Passphrase too long");
else if (rc)
return unlock_pinentry (rc);
{
/* do some basic checks on the entered PIN. */
if (!all_digitsp (pininfo->pin))
- errtext = _("Invalid characters in PIN");
+ errtext = L_("Invalid characters in PIN");
else if (pininfo->max_digits
&& strlen (pininfo->pin) > pininfo->max_digits)
- errtext = _("PIN too long");
+ errtext = L_("PIN too long");
else if (strlen (pininfo->pin) < pininfo->min_digits)
- errtext = _("PIN too short");
+ errtext = L_("PIN too short");
}
if (!errtext && pininfo->check_cb)
errtext = pininfo->cb_errtext;
else if (gpg_err_code (rc) == GPG_ERR_BAD_PASSPHRASE
|| gpg_err_code (rc) == GPG_ERR_BAD_PIN)
- errtext = (is_pin? _("Bad PIN")
- : _("Bad Passphrase"));
+ errtext = (is_pin? L_("Bad PIN") : L_("Bad Passphrase"));
else if (rc)
return unlock_pinentry (rc);
}
return rc;
if (!prompt)
- prompt = desc && strstr (desc, "PIN")? "PIN": _("Passphrase");
+ prompt = desc && strstr (desc, "PIN")? L_("PIN:"): L_("Passphrase:");
/* If we have a KEYINFO string and are normal, user, or ssh cache
if (with_qualitybar && opt.min_passphrase_len)
{
- rc = setup_qualitybar ();
+ rc = setup_qualitybar (ctrl);
if (rc)
return unlock_pinentry (rc);
}
gcry_sexp_release (key);
if (err)
goto out;
- prompt = xtryasprintf (_("An ssh process requested the use of key%%0A"
- " %s%%0A"
- " (%s)%%0A"
- "Do you want to allow this?"),
+ prompt = xtryasprintf (L_("An ssh process requested the use of key%%0A"
+ " %s%%0A"
+ " (%s)%%0A"
+ "Do you want to allow this?"),
fpr, comment? comment:"");
xfree (fpr);
gcry_free (comment);
- err = agent_get_confirmation (ctrl, prompt, _("Allow"), _("Deny"), 0);
+ err = agent_get_confirmation (ctrl, prompt, L_("Allow"), L_("Deny"), 0);
xfree (prompt);
if (err)
goto out;
/* Create signature. */
ctrl->use_auth_call = 1;
err = agent_pksign_do (ctrl, NULL,
- _("Please enter the passphrase "
- "for the ssh key%%0A %F%%0A (%c)"),
+ L_("Please enter the passphrase "
+ "for the ssh key%%0A %F%%0A (%c)"),
&signature_sexp,
CACHE_MODE_SSH, ttl_from_sshcontrol,
hash, hashlen);
unsigned char *buffer = NULL;
size_t buffer_n;
char *description = NULL;
- const char *description2 = _("Please re-enter this passphrase");
+ const char *description2 = L_("Please re-enter this passphrase");
char *comment = NULL;
char *key_fpr = NULL;
const char *initial_errtext = NULL;
goto out;
if ( asprintf (&description,
- _("Please enter a passphrase to protect"
- " the received secret key%%0A"
- " %s%%0A"
- " %s%%0A"
- "within gpg-agent's key storage"),
+ L_("Please enter a passphrase to protect"
+ " the received secret key%%0A"
+ " %s%%0A"
+ " %s%%0A"
+ "within gpg-agent's key storage"),
key_fpr, comment ? comment : "") < 0)
{
err = gpg_error_from_syserror ();
if (err == -1)
{ /* The re-entered one did not match and the user did not
hit cancel. */
- initial_errtext = _("does not match - try again");
+ initial_errtext = L_("does not match - try again");
goto next_try;
}
}
/* command.c - gpg-agent command handler
* Copyright (C) 2001-2011 Free Software Foundation, Inc.
* Copyright (C) 2001-2013 Werner Koch
+ * Copyright (C) 2015 g10 Code GmbH.
*
* This file is part of GnuPG.
*
char *p;
int opt_data, opt_check, opt_no_ask, opt_qualbar;
int opt_repeat = 0;
- char *repeat_errtext = NULL;
+ char *entry_errtext = NULL;
if (ctrl->restricted)
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
next_try:
rc = agent_get_passphrase (ctrl, &response, desc, prompt,
- repeat_errtext? repeat_errtext:errtext,
+ entry_errtext? entry_errtext:errtext,
opt_qualbar, cacheid, CACHE_MODE_USER);
- xfree (repeat_errtext);
- repeat_errtext = NULL;
+ xfree (entry_errtext);
+ entry_errtext = NULL;
if (!rc)
{
int i;
- if (opt_check && check_passphrase_constraints (ctrl, response, 0))
+ if (opt_check
+ && check_passphrase_constraints (ctrl, response, &entry_errtext))
{
xfree (response);
goto next_try;
{
xfree (response2);
xfree (response);
- repeat_errtext = try_percent_escape
+ entry_errtext = try_percent_escape
(_("does not match - try again"), NULL);
- if (!repeat_errtext)
+ if (!entry_errtext)
{
rc = gpg_error_from_syserror ();
break;
\f
static const char hlp_passwd[] =
- "PASSWD [--cache-nonce=<c>] [--passwd-nonce=<s>] [--preset] <hexkeygrip>\n"
+ "PASSWD [--cache-nonce=<c>] [--passwd-nonce=<s>] [--preset]\n"
+ " [--verify] <hexkeygrip>\n"
"\n"
- "Change the passphrase/PIN for the key identified by keygrip in LINE. When\n"
- "--preset is used then the new passphrase will be added to the cache.\n";
+ "Change the passphrase/PIN for the key identified by keygrip in LINE. If\n"
+ "--preset is used then the new passphrase will be added to the cache.\n"
+ "If --verify is used the command asks for the passphrase and verifies\n"
+ "that the passphrase valid.\n";
static gpg_error_t
cmd_passwd (assuan_context_t ctx, char *line)
{
unsigned char *shadow_info = NULL;
char *passphrase = NULL;
char *pend;
- int opt_preset;
+ int opt_preset, opt_verify;
if (ctrl->restricted)
return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
opt_preset = has_option (line, "--preset");
cache_nonce = option_value (line, "--cache-nonce");
+ opt_verify = has_option (line, "--verify");
if (cache_nonce)
{
for (pend = cache_nonce; *pend && !spacep (pend); pend++)
goto leave;
ctrl->in_passwd++;
- err = agent_key_from_file (ctrl, cache_nonce, ctrl->server_local->keydesc,
+ err = agent_key_from_file (ctrl,
+ opt_verify? NULL : cache_nonce,
+ ctrl->server_local->keydesc,
grip, &shadow_info, CACHE_MODE_IGNORE, NULL,
&s_skey, &passphrase);
if (err)
log_error ("changing a smartcard PIN is not yet supported\n");
err = gpg_error (GPG_ERR_NOT_IMPLEMENTED);
}
+ else if (opt_verify)
+ {
+ /* All done. */
+ }
else
{
char *newpass = NULL;
"%s:%%0A%%0A"
" \"%.*s\"",
no_card
- ? _("Please insert the card with serial number")
- : _("Please remove the current card and "
- "insert the one with serial number"),
+ ? L_("Please insert the card with serial number")
+ : L_("Please remove the current card and "
+ "insert the one with serial number"),
want_sn_displen, want_sn) < 0)
{
rc = out_of_core ();
for (s=info+1; s < ends; s++)
{
if (*s == 'A')
- prompt = _("Admin PIN");
+ prompt = L_("Admin PIN");
else if (*s == 'P')
{
/* TRANSLATORS: A PUK is the Personal Unblocking Code
used to unblock a PIN. */
- prompt = _("PUK");
+ prompt = L_("PUK");
is_puk = 1;
}
else if (*s == 'N')
newpin = 1;
else if (*s == 'R')
{
- prompt = _("Reset Code");
+ prompt = L_("Reset Code");
resetcode = 1;
}
}
char *desc;
if ( asprintf (&desc,
- _("%s%%0A%%0AUse the reader's pinpad for input."),
+ L_("%s%%0A%%0AUse the reader's pinpad for input."),
info) < 0 )
rc = gpg_error_from_syserror ();
else
pi2->max_tries = 1;
rc = agent_askpin (ctrl,
(resetcode?
- _("Repeat this Reset Code"):
+ L_("Repeat this Reset Code"):
is_puk?
- _("Repeat this PUK"):
- _("Repeat this PIN")),
+ L_("Repeat this PUK"):
+ L_("Repeat this PIN")),
prompt, NULL, pi2, NULL, 0);
if (!rc && strcmp (pi->pin, pi2->pin))
{
again_text = (resetcode?
- N_("Reset Code not correctly repeated; try again"):
+ L_("Reset Code not correctly repeated; try again"):
is_puk?
- N_("PUK not correctly repeated; try again"):
- N_("PIN not correctly repeated; try again"));
+ L_("PUK not correctly repeated; try again"):
+ L_("PIN not correctly repeated; try again"));
xfree (pi2);
xfree (pi);
goto again;
{
char *desc;
if ( asprintf (&desc,
- _("Please enter the PIN%s%s%s to unlock the card"),
+ L_("Please enter the PIN%s%s%s to unlock the card"),
info? " (":"",
info? info:"",
info? ")":"") < 0)
try_unprotect_cb (struct pin_entry_info_s *pi)
{
struct try_unprotect_arg_s *arg = pi->check_cb_arg;
+ ctrl_t ctrl = arg->ctrl;
size_t dummy;
gpg_error_t err;
gnupg_isotime_t now, protected_at, tmptime;
assert (!arg->unprotected_key);
arg->change_required = 0;
- err = agent_unprotect (arg->ctrl, arg->protected_key, pi->pin, protected_at,
+ err = agent_unprotect (ctrl, arg->protected_key, pi->pin, protected_at,
&arg->unprotected_key, &dummy);
if (err)
return err;
- if (!opt.max_passphrase_days || arg->ctrl->in_passwd)
+ if (!opt.max_passphrase_days || ctrl->in_passwd)
return 0; /* No regular passphrase change required. */
if (!*protected_at)
{
/* No protection date known - must force passphrase change. */
- desc = xtrystrdup (_("Note: This passphrase has never been changed.%0A"
- "Please change it now."));
+ desc = xtrystrdup (L_("Note: This passphrase has never been changed.%0A"
+ "Please change it now."));
if (!desc)
return gpg_error_from_syserror ();
}
{
/* Passphrase "expired". */
desc = xtryasprintf
- (_("This passphrase has not been changed%%0A"
- "since %.4s-%.2s-%.2s. Please change it now."),
+ (L_("This passphrase has not been changed%%0A"
+ "since %.4s-%.2s-%.2s. Please change it now."),
protected_at, protected_at+4, protected_at+6);
if (!desc)
return gpg_error_from_syserror ();
/* Change required. */
if (opt.enforce_passphrase_constraints)
{
- err = agent_get_confirmation (arg->ctrl, desc,
- _("Change passphrase"), NULL, 0);
+ err = agent_get_confirmation (ctrl, desc,
+ L_("Change passphrase"), NULL, 0);
if (!err)
arg->change_required = 1;
}
else
{
- err = agent_get_confirmation (arg->ctrl, desc,
- _("Change passphrase"),
- _("I'll change it later"), 0);
+ err = agent_get_confirmation (ctrl, desc,
+ L_("Change passphrase"),
+ L_("I'll change it later"), 0);
if (!err)
arg->change_required = 1;
else if (gpg_err_code (err) == GPG_ERR_CANCELED
if (!desc_text)
{
default_desc = xtryasprintf
- ("Do you really want to delete the key identified by keygrip%%0A"
- " %s%%0A %%C%%0A?", hexgrip);
+ (L_("Do you really want to delete the key identified by keygrip%%0A"
+ " %s%%0A %%C%%0A?"), hexgrip);
desc_text = default_desc;
}
goto leave;
err = agent_get_confirmation (ctrl, desc_text_final,
- _("Delete key"), _("No"), 0);
+ L_("Delete key"), L_("No"), 0);
if (err)
goto leave;
{
err = agent_get_confirmation
(ctrl,
- _("Warning: This key is also listed for use with SSH!\n"
- "Deleting the key might remove your ability to "
- "access remote machines."),
- _("Delete key"), _("No"), 0);
+ L_("Warning: This key is also listed for use with SSH!\n"
+ "Deleting the key might remove your ability to "
+ "access remote machines."),
+ L_("Delete key"), L_("No"), 0);
if (err)
goto leave;
}
/* genkey.c - Generate a keypair
* Copyright (C) 2002, 2003, 2004, 2007, 2010 Free Software Foundation, Inc.
+ * Copyright (C) 2015 g10 Code GmbH.
*
* This file is part of GnuPG.
*
if (opt.enforce_passphrase_constraints)
{
- err = agent_show_message (ctrl, desc, _("Enter new passphrase"));
+ err = agent_show_message (ctrl, desc, L_("Enter new passphrase"));
if (!err)
err = gpg_error (GPG_ERR_CANCELED);
}
else
err = agent_get_confirmation (ctrl, desc,
- anyway_btn, _("Enter new passphrase"), 0);
+ anyway_btn, L_("Enter new passphrase"), 0);
return err;
}
static int
take_this_one_anyway (ctrl_t ctrl, const char *desc)
{
- return take_this_one_anyway2 (ctrl, desc, _("Take this one anyway"));
+ return take_this_one_anyway2 (ctrl, desc, L_("Take this one anyway"));
}
/* Check whether the passphrase PW is suitable. Returns 0 if the
passphrase is suitable and true if it is not and the user should be
- asked to provide a different one. If SILENT is set, no message are
- displayed. */
+ asked to provide a different one. If FAILED_CONSTRAINT is set, a
+ message describing the problem is returned in
+ *FAILED_CONSTRAINT. */
int
-check_passphrase_constraints (ctrl_t ctrl, const char *pw, int silent)
+check_passphrase_constraints (ctrl_t ctrl, const char *pw,
+ char **failed_constraint)
{
gpg_error_t err = 0;
unsigned int minlen = opt.min_passphrase_len;
if (!*pw)
{
const char *desc = (opt.enforce_passphrase_constraints?
- _("You have not entered a passphrase!%0A"
- "An empty passphrase is not allowed.") :
- _("You have not entered a passphrase - "
- "this is in general a bad idea!%0A"
- "Please confirm that you do not want to "
- "have any protection on your key."));
-
- if (silent)
- return gpg_error (GPG_ERR_INV_PASSPHRASE);
-
- err = take_this_one_anyway2 (ctrl, desc,
- _("Yes, protection is not needed"));
+ L_("You have not entered a passphrase!%0A"
+ "An empty passphrase is not allowed.") :
+ L_("You have not entered a passphrase - "
+ "this is in general a bad idea!%0A"
+ "Please confirm that you do not want to "
+ "have any protection on your key."));
+
+ err = 1;
+ if (failed_constraint)
+ {
+ if (opt.enforce_passphrase_constraints)
+ *failed_constraint = xstrdup (desc);
+ else
+ err = take_this_one_anyway2 (ctrl, desc,
+ L_("Yes, protection is not needed"));
+ }
+
goto leave;
}
in in silent mode which returns immediately. */
if (utf8_charcount (pw) < minlen )
{
- if (silent)
+ if (!failed_constraint)
{
err = gpg_error (GPG_ERR_INV_PASSPHRASE);
goto leave;
if (nonalpha_count (pw) < minnonalpha )
{
- if (silent)
+ if (!failed_constraint)
{
err = gpg_error (GPG_ERR_INV_PASSPHRASE);
goto leave;
if (*pw && opt.check_passphrase_pattern &&
check_passphrase_pattern (ctrl, pw))
{
- if (silent)
+ if (!failed_constraint)
{
err = gpg_error (GPG_ERR_INV_PASSPHRASE);
goto leave;
}
msg3 = xtryasprintf
- (_("A passphrase may not be a known term or match%%0A"
- "certain pattern."));
+ (L_("A passphrase may not be a known term or match%%0A"
+ "certain pattern."));
if (!msg3)
{
err = gpg_error_from_syserror ();
}
}
- if (msg1 || msg2 || msg3)
+ if (failed_constraint && (msg1 || msg2 || msg3))
{
char *msg;
size_t n;
msg = strconcat
- (_("Warning: You have entered an insecure passphrase."),
+ (L_("Warning: You have entered an insecure passphrase."),
"%0A%0A",
msg1? msg1 : "", msg1? "%0A" : "",
msg2? msg2 : "", msg2? "%0A" : "",
if (n > 3 && !strcmp (msg + n - 3, "%0A"))
msg[n-3] = 0;
- /* Show error messages. */
- err = take_this_one_anyway (ctrl, msg);
- xfree (msg);
+ err = 1;
+ if (opt.enforce_passphrase_constraints)
+ *failed_constraint = msg;
+ else
+ {
+ err = take_this_one_anyway (ctrl, msg);
+ xfree (msg);
+ }
}
leave:
{
gpg_error_t err;
const char *text1 = prompt;
- const char *text2 = _("Please re-enter this passphrase");
- const char *initial_errtext = NULL;
+ const char *text2 = L_("Please re-enter this passphrase");
+ char *initial_errtext = NULL;
struct pin_entry_info_s *pi, *pi2;
*r_passphrase = NULL;
next_try:
err = agent_askpin (ctrl, text1, NULL, initial_errtext, pi, NULL, 0);
+ xfree (initial_errtext);
initial_errtext = NULL;
if (!err)
{
- if (check_passphrase_constraints (ctrl, pi->pin, 0))
+ if (check_passphrase_constraints (ctrl, pi->pin, &initial_errtext))
{
pi->failed_tries = 0;
pi2->failed_tries = 0;
if (err == -1)
{ /* The re-entered one did not match and the user did not
hit cancel. */
- initial_errtext = _("does not match - try again");
- goto next_try;
+ initial_errtext = xtrystrdup (L_("does not match - try again"));
+ if (initial_errtext)
+ goto next_try;
+ err = gpg_error_from_syserror ();
}
}
}
if (!*r_passphrase)
err = gpg_error_from_syserror ();
}
+
+ xfree (initial_errtext);
xfree (pi);
return err;
}
else
{
rc = agent_ask_new_passphrase (ctrl,
- _("Please enter the passphrase to%0A"
- "protect your new key"),
+ L_("Please enter the passphrase to%0A"
+ "protect your new key"),
&passphrase_buffer);
if (rc)
return rc;
*passphrase_addr = NULL;
}
err = agent_ask_new_passphrase (ctrl,
- _("Please enter the new passphrase"),
+ L_("Please enter the new passphrase"),
&pass);
if (!err)
err = store_key (s_skey, pass, 1, ctrl->s2k_count);
ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
- ARGPARSE_s_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
ARGPARSE_s_s (oDebugLevel, "debug-level", "@"),
ARGPARSE_s_i (oDebugWait," debug-wait", "@"),
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_COMMAND_VALUE, "command" },
+ { DBG_MPI_VALUE , "mpi" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_IPC_VALUE , "ipc" },
+ { 77, NULL } /* 77 := Do not exit on "help" or "?". */
+ };
+
+
+
#define DEFAULT_CACHE_TTL (10*60) /* 10 minutes */
#define DEFAULT_CACHE_TTL_SSH (30*60) /* 30 minutes */
#define MAX_CACHE_TTL (120*60) /* 2 hours */
#endif
+/* Flag indicating that the ssh-agent subsystem has been enabled. */
+static int ssh_support;
+
#ifdef HAVE_W32_SYSTEM
/* Flag indicating that support for Putty has been enabled. */
static int putty_support;
*/
static char *create_socket_name (char *standard_name, int with_homedir);
-static gnupg_fd_t create_server_socket (char *name, int primary,
+static gnupg_fd_t create_server_socket (char *name, int primary, int cygwin,
char **r_redir_name,
assuan_sock_nonce_t *nonce);
static void create_directories (void);
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
- log_info ("enabled debug flags:%s%s%s%s%s%s%s%s\n",
- (opt.debug & DBG_COMMAND_VALUE)? " command":"",
- (opt.debug & DBG_MPI_VALUE )? " mpi":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_CACHE_VALUE )? " cache":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
- (opt.debug & DBG_IPC_VALUE )? " ipc":"");
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
case oQuiet: opt.quiet = 1; break;
case oVerbose: opt.verbose++; break;
- case oDebug: opt.debug |= pargs->r.ret_ulong; break;
+ case oDebug:
+ parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
+ break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs->r.ret_str; break;
case oDebugPinentry: opt.debug_pinentry = 1; break;
static void
finalize_rereadable_options (void)
{
- /* It would be too surprising if the max-cache-ttl is lower than the
- default-cache-ttl - thus we silently correct that. */
- if (opt.def_cache_ttl > opt.max_cache_ttl)
- opt.max_cache_ttl = opt.def_cache_ttl;
- if (opt.def_cache_ttl_ssh > opt.max_cache_ttl_ssh)
- opt.max_cache_ttl_ssh = opt.def_cache_ttl_ssh;
}
case oXauthority: default_xauthority = xstrdup (pargs.r.ret_str);
break;
- case oUseStandardSocket: /* dummy */ break;
- case oNoUseStandardSocket: /* dummy */ break;
+ case oUseStandardSocket:
+ case oNoUseStandardSocket:
+ obsolete_option (configname, configlineno, "use-standard-socket");
+ break;
case oFakedSystemTime:
{
case oKeepTTY: opt.keep_tty = 1; break;
case oKeepDISPLAY: opt.keep_display = 1; break;
- case oSSHSupport: opt.ssh_support = 1; break;
+ case oSSHSupport:
+ ssh_support = 1;
+ break;
case oPuttySupport:
# ifdef HAVE_W32_SYSTEM
putty_support = 1;
- opt.ssh_support = 1;
# endif
break;
/* Only used by the first stage command line parser. */
break;
- case oWriteEnvFile: /* dummy */ break;
+ case oWriteEnvFile:
+ obsolete_option (configname, configlineno, "write-env-file");
+ break;
default : pargs.err = configfp? 1:2; break;
}
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
es_printf ("disable-scdaemon:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
+ es_printf ("enable-ssh-support:%lu:\n", GC_OPT_FLAG_NONE);
#ifdef HAVE_W32_SYSTEM
es_printf ("enable-putty-support:%lu:\n", GC_OPT_FLAG_NONE);
-#else
- es_printf ("enable-ssh-support:%lu:\n", GC_OPT_FLAG_NONE);
#endif
es_printf ("allow-loopback-pinentry:%lu:\n",
GC_OPT_FLAG_NONE|GC_OPT_FLAG_RUNTIME);
gnupg_unsetenv ("DISPLAY");
#endif
+ /* Remove the INSIDE_EMACS variable so that a pinentry does not
+ always try to interact with Emacs. The variable is set when
+ a client requested this using an OPTION command. */
+ gnupg_unsetenv ("INSIDE_EMACS");
+
/* Create the sockets. */
socket_name = create_socket_name (GPG_AGENT_SOCK_NAME, 1);
- fd = create_server_socket (socket_name, 1,
+ fd = create_server_socket (socket_name, 1, 0,
&redir_socket_name, &socket_nonce);
if (opt.extra_socket)
{
socket_name_extra = create_socket_name (socket_name_extra, 0);
opt.extra_socket = 2; /* Indicate that it has been malloced. */
- fd_extra = create_server_socket (socket_name_extra, 0,
+ fd_extra = create_server_socket (socket_name_extra, 0, 0,
&redir_socket_name_extra,
&socket_nonce_extra);
}
{
socket_name_browser = create_socket_name (socket_name_browser, 0);
opt.browser_socket = 2; /* Indicate that it has been malloced. */
- fd_browser = create_server_socket (socket_name_browser, 0,
+ fd_browser = create_server_socket (socket_name_browser, 0, 0,
&redir_socket_name_browser,
&socket_nonce_browser);
}
- if (opt.ssh_support)
+ if (ssh_support)
{
socket_name_ssh = create_socket_name (GPG_AGENT_SSH_SOCK_NAME, 1);
- fd_ssh = create_server_socket (socket_name_ssh, 0,
+ fd_ssh = create_server_socket (socket_name_ssh, 0, 1,
&redir_socket_name_ssh,
&socket_nonce_ssh);
}
#endif /*HAVE_SIGPROCMASK*/
/* Create the SSH info string if enabled. */
- if (opt.ssh_support)
+ if (ssh_support)
{
if (asprintf (&infostr_ssh_sock, "SSH_AUTH_SOCK=%s",
socket_name_ssh) < 0)
*socket_name_extra = 0;
if (opt.browser_socket)
*socket_name_browser = 0;
- if (opt.ssh_support)
+ if (ssh_support)
*socket_name_ssh = 0;
if (argc)
{ /* Run the program given on the commandline. */
- if (opt.ssh_support && (putenv (infostr_ssh_sock)
- || putenv (infostr_ssh_valid)))
+ if (ssh_support && (putenv (infostr_ssh_sock)
+ || putenv (infostr_ssh_valid)))
{
log_error ("failed to set environment: %s\n",
strerror (errno) );
shell's eval to set it */
if (csh_style)
{
- if (opt.ssh_support)
+ if (ssh_support)
{
*strchr (infostr_ssh_sock, '=') = ' ';
es_printf ("setenv %s;\n", infostr_ssh_sock);
}
else
{
- if (opt.ssh_support)
+ if (ssh_support)
{
es_printf ("%s; export SSH_AUTH_SOCK;\n",
infostr_ssh_sock);
}
}
- if (opt.ssh_support)
+ if (ssh_support)
{
xfree (infostr_ssh_sock);
xfree (infostr_ssh_valid);
function needs to be used for the regular socket first (indicated
by PRIMARY) and only then for the extra and the ssh sockets. If
the socket has been redirected the name of the real socket is
- stored as a malloced string at R_REDIR_NAME. */
+ stored as a malloced string at R_REDIR_NAME. If CYGWIN is set a
+ Cygwin compatible socket is created (Windows only). */
static gnupg_fd_t
-create_server_socket (char *name, int primary,
+create_server_socket (char *name, int primary, int cygwin,
char **r_redir_name, assuan_sock_nonce_t *nonce)
{
struct sockaddr *addr;
agent_exit (2);
}
+#if ASSUAN_VERSION_NUMBER >= 0x020300 /* >= 2.3.0 */
+ if (cygwin)
+ assuan_sock_set_flag (fd, "cygwin", 1);
+#else
+ (void)cygwin;
+#endif
+
unaddr = xmalloc (sizeof *unaddr);
addr = (struct sockaddr*)unaddr;
plain % sign, you need to encode it as "%%25". The
"%s" gets replaced by the name as stored in the
certificate. */
- _("Do you ultimately trust%%0A"
- " \"%s\"%%0A"
- "to correctly certify user certificates?"),
+ L_("Do you ultimately trust%%0A"
+ " \"%s\"%%0A"
+ "to correctly certify user certificates?"),
nameformatted);
if (!desc)
{
xfree (nameformatted);
return out_of_core ();
}
- err = agent_get_confirmation (ctrl, desc, _("Yes"), _("No"), 1);
+ err = agent_get_confirmation (ctrl, desc, L_("Yes"), L_("No"), 1);
xfree (desc);
if (!err)
yes_i_trust = 1;
"%%25". The second "%s" gets replaced by a hexdecimal
fingerprint string whereas the first one receives the name
as stored in the certificate. */
- _("Please verify that the certificate identified as:%%0A"
- " \"%s\"%%0A"
- "has the fingerprint:%%0A"
- " %s"), nameformatted, fprformatted);
+ L_("Please verify that the certificate identified as:%%0A"
+ " \"%s\"%%0A"
+ "has the fingerprint:%%0A"
+ " %s"), nameformatted, fprformatted);
if (!desc)
{
xfree (fprformatted);
/* TRANSLATORS: "Correct" is the label of a button and intended
to be hit if the fingerprint matches the one of the CA. The
other button is "the default "Cancel" of the Pinentry. */
- err = agent_get_confirmation (ctrl, desc, _("Correct"), _("Wrong"), 1);
+ err = agent_get_confirmation (ctrl, desc, L_("Correct"), L_("Wrong"), 1);
xfree (desc);
if (gpg_err_code (err) == GPG_ERR_NOT_CONFIRMED)
yes_i_trust = 0;
$(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 installer
this-w32-installer: check-tools
- $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 installer
+ $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 \
+ CUSTOM_SWDB=1 installer
w32-source: check-tools
$(SPEEDOMAKE) TARGETOS=w32 WHAT=release WITH_GUI=0 dist-source
$(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 dist-source
this-w32-source: check-tools
- $(SPEEDOMAKE) TARGETOS=w32 WHAT=git WITH_GUI=0 dist-source
+ $(SPEEDOMAKE) TARGETOS=w32 WHAT=this WITH_GUI=0 \
+ CUSTOM_SWDB=1 dist-source
# Set this to "git" to build from git,
--anchored --exclude './PLAY' . ;\
tar --totals -rf "$$tarname" --exclude-backups --exclude-vc \
--transform='s,^,$(INST_NAME)-$(INST_VERSION)/,' \
- PLAY/stamps/stamp-*-00-unpack PLAY/src ;\
+ PLAY/stamps/stamp-*-00-unpack PLAY/src swdb.lst swdb.lst.sig ;\
xz "$$tarname" ;\
)
/* i18n.c - gettext initialization
- * Copyright (C) 2007, 2010 Free Software Foundation, Inc.
+ * Copyright (C) 2007, 2010 Free Software Foundation, Inc.
+ * Copyright (C) 2015 g10 Code GmbH
*
* This file is free software; you can redistribute it and/or modify
* it under the terms of either
#include "i18n.h"
+/* An object to store pointers to static strings and there static
+ translation. A linked list is not optimal but given that we only
+ have a few dozen messages it should be acceptable. */
+struct msg_cache_s
+{
+ struct msg_cache_s *next;
+ const char *key;
+ const char *value;
+};
+
+/* A object to store an lc_messages string and a link to the cache
+ object. */
+struct msg_cache_heads_s
+{
+ struct msg_cache_heads_s *next;
+ struct msg_cache_s *cache;
+ char lc_messages[1];
+};
+
+/* Out static cache of translated messages. We need this because
+ there is no gettext API to return a translation depending on the
+ locale. Switching the locale for each access to a translatable
+ string seems to be too expensive. Note that this is used only for
+ strings in gpg-agent which are passed to Pinentry. All other
+ strings are using the regular gettext interface. Note that we can
+ never release this memory because consumers take the result as
+ static strings. */
+static struct msg_cache_heads_s *msgcache;
+
+
+
void
i18n_init (void)
{
i18n_switchback (saved);
return result;
}
+
+
+/* A variant of gettext which allows to specify the local to use for
+ translating the message. The function assumes that utf-8 is used
+ for the encoding. */
+const char *
+i18n_localegettext (const char *lc_messages, const char *string)
+{
+#if defined(HAVE_SETLOCALE) && defined(LC_MESSAGES) \
+ && !defined(USE_SIMPLE_GETTEXT) && defined(ENABLE_NLS)
+ const char *result = NULL;
+ char *saved = NULL;
+ struct msg_cache_heads_s *mh;
+ struct msg_cache_s *mc;
+
+ if (!lc_messages)
+ goto leave;
+
+ /* Lookup in the cache. */
+ for (mh = msgcache; mh; mh = mh->next)
+ if (!strcmp (mh->lc_messages, lc_messages))
+ break;
+ if (mh)
+ {
+ /* A cache entry for this local exists - find the string.
+ Because the system is designed for static strings it is
+ sufficient to compare the pointers. */
+ for (mc = mh->cache; mc; mc = mc->next)
+ if (mc->key == string)
+ {
+ /* Cache hit. */
+ result = mc->value;
+ goto leave;
+ }
+ }
+
+ /* Cached miss. Change the locale, translate, reset locale. */
+ saved = setlocale (LC_MESSAGES, NULL);
+ if (!saved)
+ goto leave;
+ saved = xtrystrdup (saved);
+ if (!saved)
+ goto leave;
+ if (!setlocale (LC_MESSAGES, lc_messages))
+ goto leave;
+
+ bindtextdomain (PACKAGE_GT, LOCALEDIR);
+ result = gettext (string);
+ setlocale (LC_MESSAGES, saved);
+ bindtextdomain (PACKAGE_GT, LOCALEDIR);
+
+ /* Cache the result. */
+ if (!mh)
+ {
+ /* First use of this locale - create an entry. */
+ mh = xtrymalloc (sizeof *mh + strlen (lc_messages));
+ if (!mh)
+ goto leave;
+ strcpy (mh->lc_messages, lc_messages);
+ mh->cache = NULL;
+ mh->next = msgcache;
+ msgcache = mh;
+ }
+ mc = xtrymalloc (sizeof *mc);
+ if (!mc)
+ goto leave;
+ mc->key = string;
+ mc->value = result;
+ mc->next = mh->cache;
+ mh->cache = mc;
+
+ leave:
+ xfree (saved);
+ return result? result : _(string);
+
+#else /*!(HAVE_SETLOCALE && LC_MESSAGES ...)*/
+ (void)lc_messages;
+ return _(string);
+#endif /*!(HAVE_SETLOCALE && LC_MESSAGES ...)*/
+}
# endif
#endif /*!USE_SIMPLE_GETTEXT*/
+#ifndef GNUPG_GCC_ATTR_FORMAT_ARG
+#if __GNUC__ >= 3 /* Actually 2.8 but testing the major is easier. */
+# define GNUPG_GCC_ATTR_FORMAT_ARG(a) __attribute__ ((__format_arg__ (a)))
+#else
+# define GNUPG_GCC_ATTR_FORMAT_ARG(a)
+#endif
+#endif
+
void i18n_init (void);
char *i18n_switchto_utf8 (void);
void i18n_switchback (char *saved_codeset);
const char *i18n_utf8 (const char *string);
+const char *i18n_localegettext (const char *lc_messages, const char *string)
+ GNUPG_GCC_ATTR_FORMAT_ARG(2);
+
+/* If a module wants a local L_() fucntion we define it here. */
+#ifdef LunderscoreIMPL
+LunderscorePROTO
+LunderscoreIMPL
+#endif
#endif /*GNUPG_COMMON_I18N_H*/
#include <config.h>
#include <stdlib.h>
+#include <limits.h>
#include <errno.h>
#include "util.h"
gcry_set_outofcore_handler (my_gcry_outofcore_handler, NULL);
}
+
/* A wrapper around gcry_cipher_algo_name to return the string
"AES-128" instead of "AES". Given that we have an alias in
libgcrypt for it, it does not harm to too much to return this other
}
+void
+obsolete_option (const char *configname, unsigned int configlineno,
+ const char *name)
+{
+ if (configname)
+ log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
+ configname, configlineno, name);
+ else
+ log_info (_("WARNING: \"%s%s\" is an obsolete option - it has no effect\n"),
+ "--", name);
+}
+
+
/* Decide whether the filename is stdout or a real filename and return
* an appropriate string. */
const char *
&& a_micro == b_micro
&& strcmp (a_plvl, b_plvl) >= 0));
}
+
+
+\f
+/* Parse an --debug style argument. We allow the use of number values
+ * in the usual C notation or a string with comma separated keywords.
+ *
+ * Returns: 0 on success or -1 and ERRNO set on error. On success the
+ * supplied variable is updated by the parsed flags.
+ *
+ * If STRING is NULL the enabled debug flags are printed.
+ */
+int
+parse_debug_flag (const char *string, unsigned int *debugvar,
+ const struct debug_flags_s *flags)
+
+{
+ unsigned long result = 0;
+ int i, j;
+
+ if (!string)
+ {
+ if (debugvar)
+ {
+ log_info ("enabled debug flags:");
+ for (i=0; flags[i].name; i++)
+ if ((*debugvar & flags[i].flag))
+ log_printf (" %s", flags[i].name);
+ log_printf ("\n");
+ }
+ return 0;
+ }
+
+ while (spacep (string))
+ string++;
+ if (*string == '-')
+ {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (!strcmp (string, "?") || !strcmp (string, "help"))
+ {
+ log_info ("available debug flags:\n");
+ for (i=0; flags[i].name; i++)
+ log_info (" %5u %s\n", flags[i].flag, flags[i].name);
+ if (flags[i].flag != 77)
+ exit (0);
+ }
+ else if (digitp (string))
+ {
+ errno = 0;
+ result = strtoul (string, NULL, 0);
+ if (result == ULONG_MAX && errno == ERANGE)
+ return -1;
+ }
+ else
+ {
+ char **words;
+ words = strtokenize (string, ",");
+ if (!words)
+ return -1;
+ for (i=0; words[i]; i++)
+ {
+ if (*words[i])
+ {
+ for (j=0; flags[j].name; j++)
+ if (!strcmp (words[i], flags[j].name))
+ {
+ result |= flags[j].flag;
+ break;
+ }
+ if (!flags[j].name)
+ {
+ if (!strcmp (words[i], "none"))
+ {
+ *debugvar = 0;
+ result = 0;
+ }
+ else if (!strcmp (words[i], "all"))
+ result = ~0;
+ else
+ log_info (_("unknown debug flag '%s' ignored\n"), words[i]);
+ }
+ }
+ }
+ xfree (words);
+ }
+
+ *debugvar |= result;
+ return 0;
+}
modules (eg "@im=SCIM"). */
{ "GTK_IM_MODULE" }, /* Used by gtk to select gtk input
modules (eg "scim-bridge"). */
+ { "DBUS_SESSION_BUS_ADDRESS" },/* Used by GNOME3 to talk to gcr over
+ dbus */
{ "QT_IM_MODULE" }, /* Used by Qt to select qt input
modules (eg "xim"). */
{ "INSIDE_EMACS" }, /* Set by Emacs before running a
# endif
# include <windows.h>
#endif
+#include <assert.h>
#include "util.h"
#include "common-defs.h"
return result;
}
+
+
+/* Tokenize STRING using the set of delimiters in DELIM. Leading
+ * spaces and tabs are removed from all tokens. The caller must xfree
+ * the result.
+ *
+ * Returns: A malloced and NULL delimited array with the tokens. On
+ * memory error NULL is returned and ERRNO is set.
+ */
+char **
+strtokenize (const char *string, const char *delim)
+{
+ const char *s;
+ size_t fields;
+ size_t bytes, n;
+ char *buffer;
+ char *p, *px, *pend;
+ char **result;
+
+ /* Count the number of fields. */
+ for (fields = 1, s = strpbrk (string, delim); s; s = strpbrk (s + 1, delim))
+ fields++;
+ fields++; /* Add one for the terminating NULL. */
+
+ /* Allocate an array for all fields, a terminating NULL, and space
+ for a copy of the string. */
+ bytes = fields * sizeof *result;
+ if (bytes / sizeof *result != fields)
+ {
+ gpg_err_set_errno (ENOMEM);
+ return NULL;
+ }
+ n = strlen (string) + 1;
+ bytes += n;
+ if (bytes < n)
+ {
+ gpg_err_set_errno (ENOMEM);
+ return NULL;
+ }
+ result = xtrymalloc (bytes);
+ if (!result)
+ return NULL;
+ buffer = (char*)(result + fields);
+
+ /* Copy and parse the string. */
+ strcpy (buffer, string);
+ for (n = 0, p = buffer; (pend = strpbrk (p, delim)); p = pend + 1)
+ {
+ *pend = 0;
+ while (spacep (p))
+ p++;
+ for (px = pend - 1; px >= p && spacep (px); px--)
+ *px = 0;
+ result[n++] = p;
+ }
+ while (spacep (p))
+ p++;
+ for (px = p + strlen (p) - 1; px >= p && spacep (px); px--)
+ *px = 0;
+ result[n++] = p;
+ result[n] = NULL;
+
+ assert ((char*)(result + n + 1) == buffer);
+
+ return result;
+}
char **strsplit (char *string, char delim, char replacement, int *count);
+/* Tokenize STRING using the set of delimiters in DELIM. */
+char **strtokenize (const char *string, const char *delim);
+
+
/*-- mapstrings.c --*/
const char *map_static_macro_string (const char *string);
}
}
+
+
+static void
+test_strtokenize (void)
+{
+ struct {
+ const char *s;
+ const char *delim;
+ const char *fields_expected[10];
+ } tv[] = {
+ {
+ "", ":",
+ { "", NULL }
+ },
+ {
+ "a", ":",
+ { "a", NULL }
+ },
+ {
+ ":", ":",
+ { "", "", NULL }
+ },
+ {
+ "::", ":",
+ { "", "", "", NULL }
+ },
+ {
+ "a:b:c", ":",
+ { "a", "b", "c", NULL }
+ },
+ {
+ "a:b:", ":",
+ { "a", "b", "", NULL }
+ },
+ {
+ "a:b", ":",
+ { "a", "b", NULL }
+ },
+ {
+ "aa:b:cd", ":",
+ { "aa", "b", "cd", NULL }
+ },
+ {
+ "aa::b:cd", ":",
+ { "aa", "", "b", "cd", NULL }
+ },
+ {
+ "::b:cd", ":",
+ { "", "", "b", "cd", NULL }
+ },
+ {
+ "aa: : b:cd ", ":",
+ { "aa", "", "b", "cd", NULL }
+ },
+ {
+ " aa: : b: cd ", ":",
+ { "aa", "", "b", "cd", NULL }
+ },
+ {
+ " ", ":",
+ { "", NULL }
+ },
+ {
+ " :", ":",
+ { "", "", NULL }
+ },
+ {
+ " : ", ":",
+ { "", "", NULL }
+ },
+ {
+ ": ", ":",
+ { "", "", NULL }
+ },
+ {
+ ": x ", ":",
+ { "", "x", NULL }
+ },
+ {
+ "a:bc:cde:fghi:jklmn::foo:", ":",
+ { "a", "bc", "cde", "fghi", "jklmn", "", "foo", "", NULL }
+ },
+ {
+ ",a,bc,,def,", ",",
+ { "", "a", "bc", "", "def", "", NULL }
+ },
+ {
+ " a ", " ",
+ { "", "a", "", NULL }
+ },
+ {
+ " ", " ",
+ { "", "", NULL }
+ },
+ {
+ "", " ",
+ { "", NULL }
+ }
+ };
+
+ int tidx;
+
+ for (tidx = 0; tidx < DIM(tv); tidx++)
+ {
+ char **fields;
+ int field_count;
+ int field_count_expected;
+ int i;
+
+ for (field_count_expected = 0;
+ tv[tidx].fields_expected[field_count_expected];
+ field_count_expected ++)
+ ;
+
+ fields = strtokenize (tv[tidx].s, tv[tidx].delim);
+ if (!fields)
+ fail (tidx * 1000);
+ else
+ {
+ for (field_count = 0; fields[field_count]; field_count++)
+ ;
+ if (field_count != field_count_expected)
+ fail (tidx * 1000);
+ else
+ {
+ for (i = 0; i < field_count_expected; i++)
+ if (strcmp (tv[tidx].fields_expected[i], fields[i]))
+ {
+ printf ("For field %d, expected '%s', but got '%s'\n",
+ i, tv[tidx].fields_expected[i], fields[i]);
+ fail (tidx * 1000 + i + 1);
+ }
+ }
+ }
+
+ xfree (fields);
+ }
+}
+
+
int
main (int argc, char **argv)
{
test_make_filename_try ();
test_make_absfilename_try ();
test_strsplit ();
+ test_strtokenize ();
xfree (home_buffer);
return 0;
/* GCC attributes. */
+#ifndef GNUPG_GCC_ATTR_FORMAT_ARG
+#if __GNUC__ >= 3 /* Actually 2.8 but testing the major is easier. */
+# define GNUPG_GCC_ATTR_FORMAT_ARG(a) __attribute__ ((__format_arg__ (a)))
+#else
+# define GNUPG_GCC_ATTR_FORMAT_ARG(a)
+#endif
+#endif
+
#if __GNUC__ >= 4
# define GNUPG_GCC_A_SENTINEL(a) __attribute__ ((sentinel(a)))
#else
/* Replacement for gcry_cipher_algo_name. */
const char *gnupg_cipher_algo_name (int algo);
+void obsolete_option (const char *configname, unsigned int configlineno,
+ const char *name);
+
const char *print_fname_stdout (const char *s);
const char *print_fname_stdin (const char *s);
void print_utf8_buffer3 (estream_t fp, const void *p, size_t n,
int gnupg_compare_version (const char *a, const char *b);
+struct debug_flags_s
+{
+ unsigned int flag;
+ const char *name;
+};
+int parse_debug_flag (const char *string, unsigned int *debugvar,
+ const struct debug_flags_s *flags);
+
/*-- Simple replacement functions. */
m4_define([mym4_package],[gnupg])
m4_define([mym4_major], [2])
m4_define([mym4_minor], [1])
-m4_define([mym4_micro], [5])
+m4_define([mym4_micro], [6])
# To start a new development series, i.e a new major or minor number
# you need to mark an arbitrary commit before the first beta release
issuername_uri = ksba_name_get_uri (issuername, 0);
ksba_name_release (issuername); issuername = NULL;
+ /* Close the reader. */
+ crl_close_reader (reader);
+ reader = NULL;
}
if (gpg_err_code (err) == GPG_ERR_EOF)
err = 0;
if (opt.verbose)
log_info ("no distribution point - trying issuer name\n");
- if (reader)
- {
- crl_close_reader (reader);
- reader = NULL;
- }
+ crl_close_reader (reader);
+ reader = NULL;
issuer = ksba_cert_get_issuer (cert, 0);
if (!issuer)
}
leave:
- if (reader)
- crl_close_reader (reader);
+ crl_close_reader (reader);
xfree (distpoint_uri);
xfree (issuername_uri);
ksba_name_release (distpoint);
ARGPARSE_s_s (oSocketName, "socket-name", "@"), /* Only for debugging. */
ARGPARSE_s_u (oFakedSystemTime, "faked-system-time", "@"), /*(epoch time)*/
- ARGPARSE_p_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
ARGPARSE_s_i (oGnutlsDebug, "gnutls-debug", "@"),
ARGPARSE_s_i (oGnutlsDebug, "tls-debug", "@"),
ARGPARSE_end ()
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_X509_VALUE , "x509" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_IPC_VALUE , "ipc" },
+ { DBG_LOOKUP_VALUE , "lookup" },
+ { 77, NULL } /* 77 := Do not exit on "help" or "?". */
+ };
+
#define DEFAULT_MAX_REPLIES 10
#define DEFAULT_LDAP_TIMEOUT 100 /* arbitrary large timeout */
/* The key used to store the current file descriptor in the thread
local storage. We use this in conjunction with the
- log_set_pid_suffix_cb feature.. */
+ log_set_pid_suffix_cb feature. */
#ifndef HAVE_W32_SYSTEM
static int my_tlskey_current_fd;
#endif
gnutls_global_set_log_level (opt_gnutls_debug);
}
#endif /*HTTP_USE_GNUTLS*/
+
+ if (opt.debug)
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
{
case oQuiet: opt.quiet = 1; break;
case oVerbose: opt.verbose++; break;
- case oDebug: opt.debug |= pargs->r.ret_ulong; break;
+ case oDebug:
+ parse_debug_flag (pargs->r.ret_str, &opt.debug, debug_flags);
+ break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs->r.ret_str; break;
case oGnutlsDebug: opt_gnutls_debug = pargs->r.ret_int; break;
{
union int_and_ptr_u value;
+ memset (&value, 0, sizeof value);
value.aptr = npth_getspecific (my_tlskey_current_fd);
*r_suffix = value.aint;
return (*r_suffix != -1); /* Use decimal representation. */
case oVerbose: opt.verbose++; break;
case oBatch: opt.batch=1; break;
- case oDebug: opt.debug |= pargs.r.ret_ulong; break;
- case oDebugAll: opt.debug = ~0; break;
- case oDebugLevel: debug_level = pargs.r.ret_str; break;
case oDebugWait: debug_wait = pargs.r.ret_int; break;
case oOptions:
union int_and_ptr_u argval;
gnupg_fd_t fd;
+ memset (&argval, 0, sizeof argval);
argval.aptr = arg;
fd = argval.afd;
union int_and_ptr_u argval;
npth_t thread;
+ memset (&argval, 0, sizeof argval);
argval.afd = fd;
snprintf (threadname, sizeof threadname-1,
"conn fd=%d", FD2INT(fd));
threadname[sizeof threadname -1] = 0;
- ret = npth_create (&thread, &tattr, start_connection_thread, argval.aptr);
+ ret = npth_create (&thread, &tattr,
+ start_connection_thread, argval.aptr);
if (ret)
{
log_error ("error spawning connection handler: %s\n",
{
if (n < 0)
log_error (_("error reading log from ldap wrapper %d: %s\n"),
- ctx->pid, strerror (errno));
+ (int)ctx->pid, strerror (errno));
print_log_line (ctx, NULL);
SAFE_CLOSE (ctx->log_fd);
return 1;
struct timespec abstime;
struct timespec curtime;
struct timespec timeout;
- int saved_errno;
- fd_set fdset, read_fdset;
+ fd_set fdset;
int ret;
time_t exptime;
(void)dummy;
- FD_ZERO (&fdset);
- nfds = -1;
- for (ctx = wrapper_list; ctx; ctx = ctx->next)
- {
- if (ctx->log_fd != -1)
- {
- FD_SET (ctx->log_fd, &fdset);
- if (ctx->log_fd > nfds)
- nfds = ctx->log_fd;
- }
- }
- nfds++;
-
npth_clock_gettime (&abstime);
abstime.tv_sec += TIMERTICK_INTERVAL;
{
int any_action = 0;
- /* POSIX says that fd_set should be implemented as a structure,
- thus a simple assignment is fine to copy the entire set. */
- read_fdset = fdset;
-
npth_clock_gettime (&curtime);
if (!(npth_timercmp (&curtime, &abstime, <)))
{
/* Inactivity is checked below. Nothing else to do. */
- // handle_tick ();
npth_clock_gettime (&abstime);
abstime.tv_sec += TIMERTICK_INTERVAL;
}
npth_timersub (&abstime, &curtime, &timeout);
+ FD_ZERO (&fdset);
+ nfds = -1;
+ for (ctx = wrapper_list; ctx; ctx = ctx->next)
+ {
+ if (ctx->log_fd != -1)
+ {
+ FD_SET (ctx->log_fd, &fdset);
+ if (ctx->log_fd > nfds)
+ nfds = ctx->log_fd;
+ }
+ }
+ nfds++;
+
/* FIXME: For Windows, we have to use a reader thread on the
pipe that signals an event (and a npth_select_ev variant). */
- ret = npth_pselect (nfds + 1, &read_fdset, NULL, NULL, &timeout, NULL);
- saved_errno = errno;
-
- if (ret == -1 && saved_errno != EINTR)
+ ret = npth_pselect (nfds + 1, &fdset, NULL, NULL, &timeout, NULL);
+ if (ret == -1)
{
- log_error (_("npth_select failed: %s - waiting 1s\n"),
- strerror (saved_errno));
- npth_sleep (1);
+ if (errno != EINTR)
+ {
+ log_error (_("npth_select failed: %s - waiting 1s\n"),
+ strerror (errno));
+ npth_sleep (1);
+ }
continue;
}
- if (ret <= 0)
- /* Interrupt or timeout. Will be handled when calculating the
- next timeout. */
- continue;
-
/* All timestamps before exptime should be considered expired. */
exptime = time (NULL);
if (exptime > INACTIVITY_TIMEOUT)
for (ctx = wrapper_list; ctx; ctx = ctx->next)
{
/* Check whether there is any logging to be done. */
- if (nfds && ctx->log_fd != -1 && FD_ISSET (ctx->log_fd, &read_fdset))
+ if (nfds && ctx->log_fd != -1 && FD_ISSET (ctx->log_fd, &fdset))
{
if (read_log_data (ctx))
- any_action = 1;
+ {
+ SAFE_CLOSE (ctx->log_fd);
+ any_action = 1;
+ }
}
/* Check whether the process is still running. */
The TrustDB is built from fixed length records, where the first byte
describes the record type. All numeric values are stored in network
- byte order. The length of each record is 40 bytes. The first record
- of the DB is always of type 1 and this is the only record of this
- type.
-
- FIXME: The layout changed, document it here.
-#+begin_example
- Record type 0:
- --------------
- Unused record, can be reused for any purpose.
-
- Record type 1:
- --------------
- Version information for this TrustDB. This is always the first
- record of the DB and the only one with type 1.
- 1 byte value 1
- 3 bytes 'gpg' magic value
- 1 byte Version of the TrustDB (2)
- 1 byte marginals needed
- 1 byte completes needed
- 1 byte max_cert_depth
- The three items are used to check whether the cached
- validity value from the dir record can be used.
- 1 u32 locked flags [not used]
- 1 u32 timestamp of trustdb creation
- 1 u32 timestamp of last modification which may affect the validity
- of keys in the trustdb. This value is checked against the
- validity timestamp in the dir records.
- 1 u32 timestamp of last validation [currently not used]
- (Used to keep track of the time, when this TrustDB was checked
- against the pubring)
- 1 u32 record number of keyhashtable [currently not used]
- 1 u32 first free record
- 1 u32 record number of shadow directory hash table [currently not used]
- It does not make sense to combine this table with the key table
- because the keyid is not in every case a part of the fingerprint.
- 1 u32 record number of the trusthashtbale
-
-
- Record type 2: (directory record)
- --------------
- Informations about a public key certificate.
- These are static values which are never changed without user interaction.
-
- 1 byte value 2
- 1 byte reserved
- 1 u32 LID . (This is simply the record number of this record.)
- 1 u32 List of key-records (the first one is the primary key)
- 1 u32 List of uid-records
- 1 u32 cache record
- 1 byte ownertrust
- 1 byte dirflag
- 1 byte maximum validity of all the user ids
- 1 u32 time of last validity check.
- 1 u32 Must check when this time has been reached.
- (0 = no check required)
-
-
- Record type 3: (key record)
- --------------
- Informations about a primary public key.
- (This is mainly used to lookup a trust record)
-
- 1 byte value 3
- 1 byte reserved
- 1 u32 LID
- 1 u32 next - next key record
- 7 bytes reserved
- 1 byte keyflags
- 1 byte pubkey algorithm
- 1 byte length of the fingerprint (in bytes)
- 20 bytes fingerprint of the public key
- (This is the value we use to identify a key)
-
- Record type 4: (uid record)
- --------------
- Informations about a userid
- We do not store the userid but the hash value of the userid because that
- is sufficient.
-
- 1 byte value 4
- 1 byte reserved
- 1 u32 LID points to the directory record.
- 1 u32 next next userid
- 1 u32 pointer to preference record
- 1 u32 siglist list of valid signatures
- 1 byte uidflags
- 1 byte validity of the key calculated over this user id
- 20 bytes ripemd160 hash of the username.
-
-
- Record type 5: (pref record)
- --------------
- This record type is not anymore used.
-
- 1 byte value 5
- 1 byte reserved
- 1 u32 LID; points to the directory record (and not to the uid record!).
- (or 0 for standard preference record)
- 1 u32 next
- 30 byte preference data
-
- Record type 6 (sigrec)
- -------------
- Used to keep track of key signatures. Self-signatures are not
- stored. If a public key is not in the DB, the signature points to
- a shadow dir record, which in turn has a list of records which
- might be interested in this key (and the signature record here
- is one).
-
- 1 byte value 6
- 1 byte reserved
- 1 u32 LID points back to the dir record
- 1 u32 next next sigrec of this uid or 0 to indicate the
- last sigrec.
- 6 times
- 1 u32 Local_id of signatures dir or shadow dir record
- 1 byte Flag: Bit 0 = checked: Bit 1 is valid (we have a real
- directory record for this)
- 1 = valid is set (but may be revoked)
-
-
-
- Record type 8: (shadow directory record)
- --------------
- This record is used to reserve a LID for a public key. We
- need this to create the sig records of other keys, even if we
- do not yet have the public key of the signature.
- This record (the record number to be more precise) will be reused
- as the dir record when we import the real public key.
-
- 1 byte value 8
- 1 byte reserved
- 1 u32 LID (This is simply the record number of this record.)
- 2 u32 keyid
- 1 byte pubkey algorithm
- 3 byte reserved
- 1 u32 hintlist A list of records which have references to
- this key. This is used for fast access to
- signature records which are not yet checked.
- Note, that this is only a hint and the actual records
- may not anymore hold signature records for that key
- but that the code cares about this.
- 18 byte reserved
-
-
-
- Record Type 10 (hash table)
- --------------
- Due to the fact that we use fingerprints to lookup keys, we can
- implement quick access by some simple hash methods, and avoid
- the overhead of gdbm. A property of fingerprints is that they can be
- used directly as hash values. (They can be considered as strong
- random numbers.)
- What we use is a dynamic multilevel architecture, which combines
- hashtables, record lists, and linked lists.
-
- This record is a hashtable of 256 entries; a special property
- is that all these records are stored consecutively to make one
- big table. The hash value is simple the 1st, 2nd, ... byte of
- the fingerprint (depending on the indirection level).
-
- When used to hash shadow directory records, a different table is used
- and indexed by the keyid.
-
- 1 byte value 10
- 1 byte reserved
- n u32 recnum; n depends on the record length:
- n = (reclen-2)/4 which yields 9 for the current record length
- of 40 bytes.
-
- the total number of such record which makes up the table is:
- m = (256+n-1) / n
- which is 29 for a record length of 40.
-
- To look up a key we use the first byte of the fingerprint to get
- the recnum from this hashtable and look up the addressed record:
- - If this record is another hashtable, we use 2nd byte
- to index this hash table and so on.
- - if this record is a hashlist, we walk all entries
- until we found one a matching one.
- - if this record is a key record, we compare the
- fingerprint and to decide whether it is the requested key;
-
-
- Record type 11 (hash list)
- --------------
- see hash table for an explanation.
- This is also used for other purposes.
-
- 1 byte value 11
- 1 byte reserved
- 1 u32 next next hash list record
- n times n = (reclen-5)/5
- 1 u32 recnum
-
- For the current record length of 40, n is 7
-
-
-
- Record type 254 (free record)
- ---------------
- All these records form a linked list of unused records.
- 1 byte value 254
- 1 byte reserved (0)
- 1 u32 next_free
-#+end_example
+ byte order. The length of each record is 40 bytes. The first
+ record of the DB is always of type 1 and this is the only record of
+ this type.
+
+ The record types: directory(2), key(3), uid(4), pref(5), sigrec(6),
+ and shadow directory(8) are not anymore used by version 2 of the
+ TrustDB.
+
+** Record type 0
+
+ Unused record or deleted, can be reused for any purpose. Such
+ records should in general not exist because deleted records are of
+ type 254 and kept in a linked list.
+
+** Version info (RECTYPE_VER, 1)
+
+ Version information for this TrustDB. This is always the first
+ record of the DB and the only one of this type.
+
+ - 1 u8 :: Record type (value: 1).
+ - 3 byte :: Magic value ("gpg")
+ - 1 u8 :: TrustDB version (value: 2).
+ - 1 u8 :: =marginals=. How many marginal trusted keys are required.
+ - 1 u8 :: =completes=. How many completely trusted keys are
+ required.
+ - 1 u8 :: =max_cert_depth=. How deep is the WoT evaluated. Along
+ with =marginals= and =completes=, this value is used to
+ check whether the cached validity value from a [FIXME
+ dir] record can be used.
+ - 1 u8 :: =trust_model=
+ - 1 u8 :: =min_cert_level=
+ - 2 byte :: Not used
+ - 1 u32 :: =created=. Timestamp of trustdb creation.
+ - 1 u32 :: =nextcheck=. Timestamp of last modification which may
+ affect the validity of keys in the trustdb. This value
+ is checked against the validity timestamp in the dir
+ records.
+ - 1 u32 :: =reserved=. Not used.
+ - 1 u32 :: =reserved2=. Not used.
+ - 1 u32 :: =firstfree=. Number of the record with the head record
+ of the RECTYPE_FREE linked list.
+ - 1 u32 :: =reserved3=. Not used.
+ - 1 u32 :: =trusthashtbl=. Record number of the trusthashtable.
+
+
+** Hash table (RECTYPE_HTBL, 10)
+
+ Due to the fact that we use fingerprints to lookup keys, we can
+ implement quick access by some simple hash methods, and avoid the
+ overhead of gdbm. A property of fingerprints is that they can be
+ used directly as hash values. What we use is a dynamic multilevel
+ architecture, which combines hash tables, record lists, and linked
+ lists.
+
+ This record is a hash table of 256 entries with the property that
+ all these records are stored consecutively to make one big
+ table. The hash value is simple the 1st, 2nd, ... byte of the
+ fingerprint (depending on the indirection level).
+
+ - 1 u8 :: Record type (value: 10).
+ - 1 u8 :: Reserved
+ - n u32 :: =recnum=. A table with the hash table items fitting into
+ this record. =n= depends on the record length:
+ $n=(reclen-2)/4$ which yields 9 for oure current record
+ length of 40 bytes.
+
+ The total number of hash table records to form the table is:
+ $m=(256+n-1)/n$. This is 29 for our record length of 40.
+
+ To look up a key we use the first byte of the fingerprint to get
+ the recnum from this hash table and then look up the addressed
+ record:
+
+ - If that record is another hash table, we use 2nd byte to index
+ that hash table and so on;
+ - if that record is a hash list, we walk all entries until we find
+ a matching one; or
+ - if that record is a key record, we compare the fingerprint to
+ decide whether it is the requested key;
+
+
+** Hash list (RECTYPE_HLST, 11)
+
+ See hash table above on how it is used. It may also be used for
+ other purposes.
+
+ - 1 u8 :: Record type (value: 11).
+ - 1 u8 :: Reserved.
+ - 1 u32 :: =next=. Record number of the next hash list record or 0
+ if none.
+ - n u32 :: =rnum=. Array with record numbers to values. With
+ $n=(reclen-5)/5$ and our record length of 40, n is 7.
+
+** Trust record (RECTYPE_TRUST, 12)
+
+ - 1 u8 :: Record type (value: 12).
+ - 1 u8 :: Reserved.
+ - 20 byte :: =fingerprint=.
+ - 1 u8 :: =ownertrust=.
+ - 1 u8 :: =depth=.
+ - 1 u8 :: =min_ownertrust=.
+ - 1 byte :: Not used.
+ - 1 u32 :: =validlist=.
+ - 10 byte :: Not used.
+
+** Validity record (RECTYPE_VALID, 13)
+
+ - 1 u8 :: Record type (value: 13).
+ - 1 u8 :: Reserved.
+ - 20 byte :: =namehash=.
+ - 1 u8 :: =validity=
+ - 1 u32 :: =next=.
+ - 1 u8 :: =full_count=.
+ - 1 u8 :: =marginal_count=.
+ - 11 byte :: Not used.
+
+** Free record (RECTYPE_FREE, 254)
+
+ All these records form a linked list of unused records in the TrustDB.
+
+ - 1 u8 :: Record type (value: 254)
+ - 1 u8 :: Reserved.
+ - 1 u32 :: =next=. Record number of the next rcord of this type.
+ The record number to the head of this linked list is
+ stored in the version info record.
* GNU extensions to the S2K algorithm
need. If you really need to do it, use a separate commit for such a
change.
+** Commit log keywords
+
+ - GnuPG-bug-id :: Values are comma or space delimited bug numbers
+ from bug.gnupg.org pertaining to this commit.
+ - Debian-bug-id :: Same as above but from the Debian bug tracker.
+ - CVE-id :: CVE id number pertaining to this commit.
+ - Regression-due-to :: Commit id of the regression fixed by this commit.
+ - Fixes-commit :: Commit id this commit fixes.
+ - Reported-by :: Value is a name or mail address of a bug reporte.
+ - Suggested-by :: Value is a name or mail address of someone how
+ suggested this change.
+ - Co-authored-by :: Name or mail address of a co-author
+ - Some-comments-by :: Name or mail address of the author of
+ additional comments (commit log or code).
+ - Proofread-by :: Sometimes used by translation commits.
+ - Signed-off-by :: Name or mail address of the developer
+
* Windows
** How to build an installer for Windows
** Detailed Roadmap
- This list of file is not up to date!
+ This list of files is not up to date!
- g10/gpg.c :: Main module with option parsing and all the stuff you
- have to do on startup. Also has the exout handler
- and some helper functions.
-
- - g10/sign.c :: Create signature and optionally encrypt
+ have to do on startup. Also has the exit handler and
+ some helper functions.
- g10/parse-packet.c ::
- g10/build-packet.c ::
- g10/getkey.c :: Key selection code
- g10/pkclist.c :: Build a list of public keys
- g10/skclist.c :: Build a list of secret keys
- - g10/ringedit.c :: Keyring I/O
+ - g10/keyring.c :: Keyring access functions
- g10/keydb.h ::
- - g10/keyid.c :: Helper functions to get the keyid, fingerprint etc.
-
+ - g10/keyid.c :: Helper functions to get the keyid, fingerprint etc.
- - g10/trustdb.c ::
+ - g10/trustdb.c :: Web-of-Trust computations
- g10/trustdb.h ::
- - g10/tdbdump.c :: Management of the trustdb.gpg
- - g10/tdbio.c ::
- - g10/tdbio.h :: I/O handling for the trustdb.gpg
+ - g10/tdbdump.c :: Export/import/list the trustdb.gpg
+ - g10/tdbio.c :: I/O handling for the trustdb.gpg
+ - g10/tdbio.h ::
- g10/compress.c :: Filter to handle compression
- g10/filter.h :: Declarations for all filter functions
- g10/delkey.c :: Delete a key
- - g10/kbnode.c :: Helper for the KBNODE linked list
+ - g10/kbnode.c :: Helper for the kbnode_t linked list
- g10/main.h :: Prototypes and some constants
- g10/mainproc.c :: Message processing
- g10/armor.c :: Ascii armor filter
- g10/options.h :: Structure with all the command line options
and related constants
- g10/openfile.c :: Create/Open Files
- - g10/hkp.h :: Keyserver access
- - g10/hkp.c :: Ditto.
+ - g10/keyserver.h :: Keyserver access dispatcher.
- g10/packet.h :: Defintion of OpenPGP structures.
- g10/passphrase.c :: Passphrase handling code
- - g10/pubkey-enc.c ::
- - g10/seckey-cert.c ::
- - g10/seskey.c ::
- - g10/import.c ::
- - g10/export.c ::
- - g10/comment.c ::
- - g10/status.c ::
- - g10/status.h ::
- - g10/sign.c ::
- - g10/plaintext.c ::
- - g10/encr-data.c ::
- - g10/encode.c ::
- - g10/revoke.c ::
- - g10/keylist.c ::
- - g10/sig-check.c ::
- - g10/signal.c ::
- - g10/helptext.c ::
- - g10/verify.c ::
- - g10/decrypt.c ::
- - g10/keyedit.c ::
- - g10/dearmor.c ::
- - g10/keygen.c ::
+ - g10/pubkey-enc.c :: Process a public key encoded packet.
+ - g10/seckey-cert.c :: Not anymore used
+ - g10/seskey.c :: Make sesssion keys etc.
+ - g10/import.c :: Import keys into our key storage.
+ - g10/export.c :: Export keys to the OpenPGP format.
+ - g10/sign.c :: Create signature and optionally encrypt.
+ - g10/plaintext.c :: Process plaintext packets.
+ - g10/decrypt-data.c :: Decrypt an encrypted data packet
+ - g10/encrypt.c :: Main encryption driver
+ - g10/revoke.c :: Create recovation certificates.
+ - g10/keylist.c :: Print information about OpenPGP keys
+ - g10/sig-check.c :: Check a signature
+ - g10/helptext.c :: Show online help texts
+ - g10/verify.c :: Verify signed data.
+ - g10/decrypt.c :: Decrypt and verify data.
+ - g10/keyedit.c :: Edit properties of a key.
+ - g10/dearmor.c :: Armor utility.
+ - g10/keygen.c :: Generate a key pair
** Memory allocation
- xfree
-The *secure versions allocated memory in the secure memory. That is,
+The *secure versions allocate memory in the secure memory. That is,
swapping out of this memory is avoided and is gets overwritten on
free. Use this for passphrases, session keys and other sensitive
material. This memory set aside for secure memory is linited to a few
uncompress filter and the next read byte is one which has already been
uncompressed by this filter. Same goes for enciphered packet,
plaintext packets and so on. The file g10/encode.c might be a good
-staring point to see how it is used - actually this is the other way:
+starting point to see how it is used - actually this is the other way:
constructing messages using pushed filters but it may be easier to
understand.
gpgv.texi yat2m.c ChangeLog-2011 whats-new-in-2.1.txt
BUILT_SOURCES = gnupg-card-architecture.eps gnupg-card-architecture.png \
- gnupg-card-architecture.pdf defsincdate
+ gnupg-card-architecture.pdf defsincdate defs.inc
info_TEXINFOS = gnupg.texi
@item --default-cache-ttl @var{n}
@opindex default-cache-ttl
-Set the time a cache entry is valid to @var{n} seconds. The default is
-600 seconds.
+Set the time a cache entry is valid to @var{n} seconds. The default
+is 600 seconds. Each time a cache entry is accessed, the entry's
+timer is reset. To set an entry's maximum lifetime, use
+@command{max-cache-ttl}.
@item --default-cache-ttl-ssh @var{n}
@opindex default-cache-ttl
Set the time a cache entry used for SSH keys is valid to @var{n}
-seconds. The default is 1800 seconds.
+seconds. The default is 1800 seconds. Each time a cache entry is
+accessed, the entry's timer is reset. To set an entry's maximum
+lifetime, use @command{max-cache-ttl-ssh}.
@item --max-cache-ttl @var{n}
@opindex max-cache-ttl
@anchor{option --enable-ssh-support}
@item --enable-ssh-support
+@itemx --enable-putty-support
@opindex enable-ssh-support
+@opindex enable-putty-support
Enable the OpenSSH Agent protocol.
Adding the @option{--verbose} shows the progress of starting the agent.
+The @option{--enable-putty-support} is only available under Windows
+and allows the use of gpg-agent with the ssh implementation
+@command{putty}. This is similar to the regular ssh-agent support but
+makes use of Windows message queue as required by @command{putty}.
+
+
@end table
All the long options may also be given in the configuration file after
@item --debug @var{flags}
@opindex debug
-Set debugging flags. All flags are or-ed and @var{flags} may
-be given in C syntax (e.g. 0x0042).
+Set debugging flags. All flags are or-ed and @var{flags} may be given
+in C syntax (e.g. 0x0042) or as a comma separated list of flag names.
+To get a list of all supported flags the single word "help" can be
+used.
@item --debug-all
@opindex debug-all
address and the time when you verified the signature.
+@anchor{gpgsm-option --validation-model}
@item --validation-model @var{name}
@opindex validation-model
This option changes the default validation model. The only possible
Write output to @var{file}. The default is to write it to stdout.
+@anchor{gpgsm-option --with-key-data}
@item --with-key-data
@opindex with-key-data
Displays extra information with the @code{--list-keys} commands. Especially
key. This string is for example used as the file name of the
secret key.
+@anchor{gpgsm-option --with-validation}
@item --with-validation
@opindex with-validation
When doing a key listing, do a full validation check for each key and
* GPGSM EXPORT:: Export certificates.
* GPGSM IMPORT:: Import certificates.
* GPGSM DELETE:: Delete certificates.
+* GPGSM GETAUDITLOG:: Retrieve an audit log.
* GPGSM GETINFO:: Information about the process
+* GPGSM OPTION:: Session options.
@end menu
@node GPGSM LISTKEYS
@subsection List available keys
+@anchor{gpgsm-cmd listkeys}
To list the keys in the internal database or using an external key
provider, the command:
The certificates must be specified unambiguously otherwise an error is
returned.
+@node GPGSM GETAUDITLOG
+@subsection Retrieve an audit log.
+@anchor{gpgsm-cmd getauditlog}
+
+This command is used to retrieve an audit log.
+
+@example
+GETAUDITLOG [--data] [--html]
+@end example
+
+If @option{--data} is used, the audit log is send using D-lines
+instead of being sent to the file descriptor given by an OUTPUT
+command. If @option{--html} is used, the output is formated as an
+XHTML block. This is designed to be incorporated into a HTML
+document.
+
+
@node GPGSM GETINFO
@subsection Return information about the process
@item pid
Return the process id of the process.
@item agent-check
-Return success if the agent is running.
+Return OK if the agent is running.
@item cmd_has_option @var{cmd} @var{opt}
-Return success if the command @var{cmd} implements the option @var{opt}.
+Return OK if the command @var{cmd} implements the option @var{opt}.
The leading two dashes usually used with @var{opt} shall not be given.
+@item offline
+Return OK if the connection is in offline mode. This may be either
+due to a @code{OPTION offline=1} or due to @command{gpgsm} being
+started with option @option{--disable-dirmngr}.
+@end table
+
+@node GPGSM OPTION
+@subsection Session options.
+
+The standard Assuan option handler supports these options.
+
+@example
+OPTION @var{name}[=@var{value}]
+@end example
+
+These @var{name}s are recognized:
+
+@table @code
+
+@item putenv
+Change the session's environment to be passed via gpg-agent to
+Pinentry. @var{value} is a string of the form
+@code{<KEY>[=[<STRING>]]}. If only @code{<KEY>} is given the
+environment variable @code{<KEY>} is removed from the session
+environment, if @code{<KEY>=} is given that environment variable is
+set to the empty string, and if @code{<STRING>} is given it is set to
+that string.
+
+@item display
+Set the session environment variable @code{DISPLAY} is set to @var{value}.
+@item ttyname
+Set the session environment variable @code{GPG_TTY} is set to @var{value}.
+@item ttytype
+Set the session environment variable @code{TERM} is set to @var{value}.
+@item lc-ctype
+Set the session environment variable @code{LC_CTYPE} is set to @var{value}.
+@item lc-messages
+Set the session environment variable @code{LC_MESSAGES} is set to @var{value}.
+@item xauthority
+Set the session environment variable @code{XAUTHORITY} is set to @var{value}.
+@item pinentry-user-data
+Set the session environment variable @code{PINENTRY_USER_DATA} is set
+to @var{value}.
+
+@item include-certs
+This option overrides the command line option
+@option{--include-certs}. A @var{value} of -2 includes all
+certificates except for the root certificate, -1 includes all
+certicates, 0 does not include any certicates, 1 includes only the
+signers certicate and all other positive values include up to
+@var{value} certificates starting with the signer cert.
+
+@item list-mode
+@xref{gpgsm-cmd listkeys}.
+
+@item list-to-output
+If @var{value} is true the output of the list commands
+(@pxref{gpgsm-cmd listkeys}) is written to the file descriptor set
+with the last OUTPUT command. If @var{value} is false the output is
+written via data lines; this is the default.
+
+@item with-validation
+If @var{value} is true for each listed certificate the validation
+status is printed. This may result in the download of a CRL or the
+user being asked about the trustworthiness of a root certificate. The
+default is given by a command line option (@pxref{gpgsm-option
+--with-validation}).
+
+
+@item with-secret
+If @var{value} is true certificates with a corresponding private key
+are marked by the list commands.
+
+@item validation-model
+This option overrides the command line option
+@option{validation-model} for the session.
+(@pxref{gpgsm-option --validation-model}.)
+
+@item with-key-data
+This option globally enables the command line option
+@option{--with-key-data}. (@pxref{gpgsm-option --with-key-data}.)
+
+@item enable-audit-log
+If @var{value} is true data to write an audit log is gathered.
+(@pxref{gpgsm-cmd getauditlog}.)
+
+@item allow-pinentry-notify
+If this option is used notifications about the launch of a Pinentry
+are passed back to the client.
+
+@item with-ephemeral-keys
+If @var{value} is true ephemeral certificates are included in the
+output of the list commands.
+
+@item no-encrypt-to
+If this option is used all keys set by the command line option
+@option{--encrypt-to} are ignored.
+
+@item offline
+If @var{value} is true or @var{value} is not given all network access
+is disabled for this session. This is the same as the command line
+option @option{--disable-dirmngr}.
+
@end table
@mansect see also
+++ /dev/null
-/* comment.c - write comment stuff
- * Copyright (C) 1998, 2003 Free Software Foundation, Inc.
- *
- * This file is part of GnuPG.
- *
- * GnuPG is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuPG is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, see <http://www.gnu.org/licenses/>.
- */
-
-#include <config.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <errno.h>
-#include <assert.h>
-
-#include "options.h"
-#include "packet.h"
-#include "status.h"
-#include "iobuf.h"
-#include "util.h"
-#include "main.h"
-#include "keydb.h"
-
-
-
-int
-write_comment( iobuf_t out, const char *s )
-{
- PACKET pkt;
- size_t n = strlen(s);
- int rc=0;
-
- pkt.pkttype = PKT_COMMENT;
- if( *s != '#' ) {
- pkt.pkt.comment = xmalloc ( sizeof *pkt.pkt.comment + n );
- pkt.pkt.comment->len = n+1;
- *pkt.pkt.comment->data = '#';
- strcpy(pkt.pkt.comment->data+1, s);
- }
- else {
- pkt.pkt.comment = xmalloc ( sizeof *pkt.pkt.comment + n - 1 );
- pkt.pkt.comment->len = n;
- strcpy(pkt.pkt.comment->data, s);
- }
- if( (rc = build_packet( out, &pkt )) )
- log_error("build_packet(comment) failed: %s\n", gpg_strerror (rc) );
- free_packet( &pkt );
- return rc;
-}
-
-
-KBNODE
-make_comment_node_from_buffer (const char *s, size_t n)
-{
- PACKET *pkt;
-
- pkt = gcry_xcalloc( 1, sizeof *pkt );
- pkt->pkttype = PKT_COMMENT;
- pkt->pkt.comment = gcry_xmalloc( sizeof *pkt->pkt.comment + n - 1 );
- pkt->pkt.comment->len = n;
- strcpy(pkt->pkt.comment->data, s);
- return new_kbnode( pkt );
-}
-
-KBNODE
-make_comment_node( const char *s )
-{
- return make_comment_node_from_buffer (s, strlen (s));
-}
-
-
-KBNODE
-make_mpi_comment_node( const char *s, gcry_mpi_t a )
-{
- PACKET *pkt;
- byte *buf, *pp;
- size_t n1, nb1;
- size_t n = strlen(s);
-
- nb1 = mpi_get_nbits( a );
- if (gcry_mpi_print (GCRYMPI_FMT_PGP, NULL, 0, &n1, a))
- BUG ();
- /* fixme: allocate it on the stack */
- buf = xmalloc (n1);
- if (gcry_mpi_print (GCRYMPI_FMT_PGP, buf, n1, &n1, a))
- BUG ();
-
- pkt = xcalloc (1, sizeof *pkt );
- pkt->pkttype = PKT_COMMENT;
- pkt->pkt.comment = xmalloc ( sizeof *pkt->pkt.comment + n + 2 + n1 );
- pkt->pkt.comment->len = n+1+2+n1;
- pp = pkt->pkt.comment->data;
- memcpy(pp, s, n+1);
- memcpy(pp+n+1, buf, n1 );
- xfree (buf);
- return new_kbnode( pkt );
-}
kek = NULL;
}
- while (!(err = keydb_search (kdbhd, desc, ndesc, &descindex)))
+ for (;;)
{
int skip_until_subkey = 0;
u32 keyid[2];
PKT_public_key *pk;
+ err = keydb_search (kdbhd, desc, ndesc, &descindex);
if (!users)
desc[0].mode = KEYDB_SEARCH_MODE_NEXT;
+ if (gpg_err_code (err) == GPG_ERR_LEGACY_KEY)
+ continue; /* Skip PGP2 keys. */
+ if (err)
+ break;
/* Read the keyblock. */
release_kbnode (keyblock);
keyblock = NULL;
err = keydb_get_keyblock (kdbhd, &keyblock);
+ if (gpg_err_code (err) == GPG_ERR_LEGACY_KEY)
+ continue; /* Skip PGP2 keys. */
if (err)
{
log_error (_("error reading keyblock: %s\n"), gpg_strerror (err));
ARGPARSE_s_s (oDisplayCharset, "charset", "@"),
ARGPARSE_s_s (oOptions, "options", "@"),
- ARGPARSE_p_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_s (oDebugLevel, "debug-level", "@"),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
ARGPARSE_s_n (oDebugIOLBF, "debug-iolbf", "@"),
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_PACKET_VALUE , "packet" },
+ { DBG_MPI_VALUE , "mpi" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_FILTER_VALUE , "filter" },
+ { DBG_IOBUF_VALUE , "iobuf" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_TRUST_VALUE , "trust" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_CARD_IO_VALUE, "cardio" },
+ { DBG_IPC_VALUE , "ipc" },
+ { DBG_CLOCK_VALUE , "clock" },
+ { DBG_LOOKUP_VALUE , "lookup" },
+ { DBG_EXTPROG_VALUE, "extprog" },
+ { 0, NULL }
+ };
+
+
#ifdef ENABLE_SELINUX_HACKS
#define ALWAYS_ADD_KEYRINGS 1
#else
gpg_strerror (err));
}
+
/* Setup the debugging. With a LEVEL of NULL only the active debug
flags are propagated to the subsystems. With LEVEL set, a specific
set of debug flags is set; thus overriding all flags already
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
- log_info ("enabled debug flags:%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n",
- (opt.debug & DBG_PACKET_VALUE )? " packet":"",
- (opt.debug & DBG_MPI_VALUE )? " mpi":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_FILTER_VALUE )? " filter":"",
- (opt.debug & DBG_IOBUF_VALUE )? " iobuf":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_CACHE_VALUE )? " cache":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_TRUST_VALUE )? " trust":"",
- (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
- (opt.debug & DBG_EXTPROG_VALUE)? " extprog":"",
- (opt.debug & DBG_CARD_IO_VALUE)? " cardio":"",
- (opt.debug & DBG_IPC_VALUE )? " ipc":"",
- (opt.debug & DBG_CLOCK_VALUE )? " clock":"",
- (opt.debug & DBG_LOOKUP_VALUE )? " lookup":"");
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
compile everywhere, so fill in the show-sig-subpackets argument
here. Note that if the parse_options array changes, we'll have
to change the subscript here. */
- lopts[12].value=&subpackets;
+ lopts[13].value=&subpackets;
if(parse_options(str,&opt.list_options,lopts,1))
{
opt.list_options|=LIST_SHOW_KEYRING;
break;
- case oDebug: opt.debug |= pargs.r.ret_ulong; break;
+ case oDebug:
+ if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags))
+ {
+ pargs.r_opt = ARGPARSE_INVALID_ARG;
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ }
+ break;
+
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
}
FREE_STRLIST(nrings);
+ if (opt.pinentry_mode == PINENTRY_MODE_LOOPBACK)
+ /* In loopback mode, never ask for the password multiple
+ times. */
+ {
+ opt.passphrase_repeat = 0;
+ }
+
if (cmd == aGPGConfTest)
g10_exit(0);
gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE);
if (DBG_CLOCK)
log_clock ("stop");
+
if ( (opt.debug & DBG_MEMSTAT_VALUE) )
{
+ keydb_dump_stats ();
gcry_control (GCRYCTL_DUMP_MEMORY_STATS);
gcry_control (GCRYCTL_DUMP_RANDOM_STATS);
}
};
+/* This object is used to keep a list of keyids in a linked list. */
+typedef struct kid_list_s
+{
+ struct kid_list_s *next;
+ u32 kid[2];
+ int state; /* True if found. */
+} *kid_list_t;
+
+/* To avoid looking up a key by keyid where we know that it does not
+ yet exist, we keep a table of keyids with search results. This
+ improves the --list-sigs and --check-sigs commands substantively.
+ To avoid extra complexity we clear the entire table on any insert
+ or update operation. The array is indexed by the LSB of the keyid.
+ KID_FOUND_TABLE_COUNT gives the number of keys in the table. */
+static kid_list_t kid_found_table[256];
+static unsigned int kid_found_table_count;
+
+
/* This is a simple cache used to return the last result of a
successful fingerprint search. This works only for keybox resources
because (due to lack of a copy_keyblock function) we need to store
static void unlock_all (KEYDB_HANDLE hd);
+/* Checkwhether the keyid KID is in the table of found or not found
+ keyids.
+
+ Returns:
+ 0 - Keyid not in table
+ 1 - Keyid in table because not found in a previous search
+ 2 - Keyid in table because found in a previous search
+ */
+static int
+kid_not_found_p (u32 *kid)
+{
+ kid_list_t k;
+
+ for (k = kid_found_table[kid[0] % 256]; k; k = k->next)
+ if (k->kid[0] == kid[0] && k->kid[1] == kid[1])
+ {
+ if (DBG_CACHE)
+ log_debug ("keydb: kid_not_found_p (%08lx%08lx) => %s\n",
+ (ulong)kid[0], (ulong)kid[1],
+ k->state? "false (found)": "true");
+ return k->state? 2 : 1;
+ }
+
+ if (DBG_CACHE)
+ log_debug ("keydb: kid_not_found_p (%08lx%08lx) => false\n",
+ (ulong)kid[0], (ulong)kid[1]);
+ return 0;
+}
+
+
+/* Put the keyid KID into the table of keyids with their find states of
+ previous searches. Note that there is no check whether the keyid
+ is already in the table, thus kid_not_found_p() should be used prior. */
+static void
+kid_not_found_insert (u32 *kid, int found)
+{
+ kid_list_t k;
+
+ if (DBG_CACHE)
+ log_debug ("keydb: kid_not_found_insert (%08lx%08lx, %d)\n",
+ (ulong)kid[0], (ulong)kid[1], found);
+ k = xmalloc (sizeof *k);
+ k->kid[0] = kid[0];
+ k->kid[1] = kid[1];
+ k->state = found;
+ k->next = kid_found_table[kid[0]%256];
+ kid_found_table[kid[0]%256] = k;
+ kid_found_table_count++;
+}
+
+
+/* Flush the entire table of keyids whche were not found in previous
+ searches. */
+static void
+kid_not_found_flush (void)
+{
+ kid_list_t k, knext;
+ int i;
+
+ if (DBG_CACHE)
+ log_debug ("keydb: kid_not_found_flush\n");
+
+ if (!kid_found_table_count)
+ return;
+
+ for (i=0; i < DIM(kid_found_table); i++)
+ {
+ for (k = kid_found_table[i]; k; k = knext)
+ {
+ knext = k->next;
+ xfree (k);
+ }
+ kid_found_table[i] = NULL;
+ }
+ kid_found_table_count = 0;
+}
+
+
static void
keyblock_cache_clear (void)
{
}
+void
+keydb_dump_stats (void)
+{
+ if (kid_found_table_count)
+ log_info ("keydb: kid_not_found_table: total: %u\n", kid_found_table_count);
+}
KEYDB_HANDLE
if (!hd)
return gpg_error (GPG_ERR_INV_ARG);
+ if (DBG_CLOCK)
+ log_clock ("keydb_get_keybock enter");
+
if (keyblock_cache.state == KEYBLOCK_CACHE_FILLED)
{
iobuf_seek (keyblock_cache.iobuf, 0);
ret_kb);
if (err)
keyblock_cache_clear ();
+ if (DBG_CLOCK)
+ log_clock (err? "keydb_get_keyblock leave (cached, failed)"
+ : "keydb_get_keyblock leave (cached)");
return err;
}
if (keyblock_cache.state != KEYBLOCK_CACHE_FILLED)
keyblock_cache_clear ();
+ if (DBG_CLOCK)
+ log_clock (err? "keydb_get_keyblock leave (failed)"
+ : "keydb_get_keyblock leave");
return err;
}
if (!hd)
return gpg_error (GPG_ERR_INV_ARG);
+ kid_not_found_flush ();
keyblock_cache_clear ();
if (hd->found < 0 || hd->found >= hd->used)
if (!hd)
return gpg_error (GPG_ERR_INV_ARG);
+ kid_not_found_flush ();
keyblock_cache_clear ();
if (opt.dry_run)
if (!hd)
return gpg_error (GPG_ERR_INV_ARG);
+ kid_not_found_flush ();
keyblock_cache_clear ();
if (hd->found < 0 || hd->found >= hd->used)
size_t ndesc, size_t *descindex)
{
gpg_error_t rc;
+ int once_found = 0;
if (descindex)
*descindex = 0; /* Make sure it is always set on return. */
if (DBG_CACHE)
dump_search_desc (hd, "keydb_search", desc, ndesc);
+
+ /* Note that we track the found state in the table to cope with the
+ case that a initial search found the key and the next search
+ (without a reset) did not found the key. Without keeping the
+ found state we would falsely claim that the key has not been
+ found. Actually this is quite common because we need to check
+ for ambgious keyids. */
+ if (ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID
+ && (once_found = kid_not_found_p (desc[0].u.kid)) == 1 )
+ {
+ if (DBG_CLOCK)
+ log_clock ("keydb_search leave (not found, cached)");
+ return gpg_error (GPG_ERR_NOT_FOUND);
+ }
+
/* NB: If one of the exact search modes below is used in a loop to
walk over all keys (with the same fingerprint) the caching must
have been disabled for the handle. */
memcpy (keyblock_cache.fpr, desc[0].u.fpr, 20);
}
+ if ((!rc || gpg_err_code (rc) == GPG_ERR_NOT_FOUND)
+ && ndesc == 1 && desc[0].mode == KEYDB_SEARCH_MODE_LONG_KID
+ && !once_found)
+ {
+ kid_not_found_insert (desc[0].u.kid, !rc);
+ }
+
if (DBG_CLOCK)
log_clock (rc? "keydb_search leave (not found)"
: "keydb_search leave (found)");
#define KEYDB_RESOURCE_FLAG_READONLY 8 /* Open in read only mode. */
gpg_error_t keydb_add_resource (const char *url, unsigned int flags);
+void keydb_dump_stats (void);
KEYDB_HANDLE keydb_new (void);
void keydb_release (KEYDB_HANDLE hd);
gpg_error_t keydb_search_kid (KEYDB_HANDLE hd, u32 *kid);
gpg_error_t keydb_search_fpr (KEYDB_HANDLE hd, const byte *fpr);
+
/*-- pkclist.c --*/
void show_revocation_reason( PKT_public_key *pk, int mode );
int check_signatures_trust( PKT_signature *sig );
-/* keygen.c - generate a key pair
+/* keygen.c - Generate a key pair
* Copyright (C) 1998-2007, 2009-2011 Free Software Foundation, Inc.
* Copyright (C) 2014, 2015 Werner Koch
*
struct keylist_context
{
int check_sigs; /* If set signatures shall be verified. */
+ int good_sigs; /* Counter used if CHECK_SIGS is set. */
int inv_sigs; /* Counter used if CHECK_SIGS is set. */
int no_key; /* Counter used if CHECK_SIGS is set. */
int oth_err; /* Counter used if CHECK_SIGS is set. */
if (!s->check_sigs)
return; /* Signature checking was not requested. */
+ if (s->good_sigs == 1)
+ log_info (_("1 good signature\n"));
+ else if (s->good_sigs)
+ log_info (_("%d good signatures\n"), s->good_sigs);
+
if (s->inv_sigs == 1)
- tty_printf (_("1 bad signature\n"));
+ log_info (_("1 bad signature\n"));
else if (s->inv_sigs)
- tty_printf (_("%d bad signatures\n"), s->inv_sigs);
+ log_info (_("%d bad signatures\n"), s->inv_sigs);
+
if (s->no_key == 1)
- tty_printf (_("1 signature not checked due to a missing key\n"));
+ log_info (_("1 signature not checked due to a missing key\n"));
else if (s->no_key)
- tty_printf (_("%d signatures not checked due to missing keys\n"),
- s->no_key);
+ log_info (_("%d signatures not checked due to missing keys\n"), s->no_key);
+
if (s->oth_err == 1)
- tty_printf (_("1 signature not checked due to an error\n"));
+ log_info (_("1 signature not checked due to an error\n"));
else if (s->oth_err)
- tty_printf (_("%d signatures not checked due to errors\n"), s->oth_err);
+ log_info (_("%d signatures not checked due to errors\n"), s->oth_err);
}
switch (gpg_err_code (rc))
{
case 0:
+ listctx->good_sigs++;
sigrc = '!';
break;
case GPG_ERR_BAD_SIGNATURE:
void deprecated_warning(const char *configname,unsigned int configlineno,
const char *option,const char *repl1,const char *repl2);
void deprecated_command (const char *name);
-void obsolete_option (const char *configname, unsigned int configlineno,
- const char *name);
void obsolete_scdaemon_option (const char *configname,
unsigned int configlineno, const char *name);
void
-obsolete_option (const char *configname, unsigned int configlineno,
- const char *name)
-{
- if(configname)
- log_info (_("%s:%u: obsolete option \"%s\" - it has no effect\n"),
- configname, configlineno, name);
- else
- log_info (_("WARNING: \"%s%s\" is an obsolete option - it has no effect\n"),
- "--", name);
-}
-
-
-void
obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
const char *name)
{
if (list_mode)
es_fprintf (listfp, "# off=%lu ctb=%02x tag=%d hlen=%d plen=%lu%s%s\n",
(unsigned long)pos, ctb, pkttype, hdrlen, pktlen,
- partial? " partial":"",
+ partial? (new_ctb ? " partial" : " indeterminate") :"",
new_ctb? " new-ctb":"");
pkt->pkttype = pkttype;
-/* revoke.c
+/* revoke.c - Create recovation certificates.
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003,
* 2004 Free Software Foundation, Inc.
*
ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
- ARGPARSE_p_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_s (oDebugLevel, "debug-level",
N_("|LEVEL|set the debugging level to LEVEL")),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_MOUNT_VALUE , "mount" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_IPC_VALUE , "ipc" },
+ { 0, NULL }
+ };
+
+
/* The timer tick interval used by the idle task. */
#define TIMERTICK_INTERVAL_SEC (1)
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
- log_info ("enabled debug flags:%s%s%s%s%s\n",
- (opt.debug & DBG_MOUNT_VALUE )? " mount":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_IPC_VALUE )? " ipc":"");
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
case oNoDetach: /*nodetach = 1; */break;
- case oDebug: debug_value |= pargs.r.ret_ulong; break;
+ case oDebug:
+ if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags))
+ {
+ pargs.r_opt = ARGPARSE_INVALID_ARG;
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ }
+ break;
case oDebugAll: debug_value = ~0; break;
case oDebugNone: debug_value = 0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
top_builddir = ..
# These options get passed to xgettext.
-XGETTEXT_OPTIONS = --keyword=_ --keyword=N_
+XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ --keyword=L_
# This is the copyright holder that gets inserted into the header of the
# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Introduïu la contrasenya; aquesta ha de ser una frase secreta \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "la contrasenya és errònia"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "la contrasenya és errònia"
-#, fuzzy
-msgid "Passphrase"
-msgstr "la contrasenya és errònia"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "l'algoritme de protecció %d%s no està suportat\n"
msgstr "Introduïu la contrasenya; aquesta ha de ser una frase secreta \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "la contrasenya és errònia"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Cancel·la"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Realment voleu eliminar les claus seleccionades? "
+
#, fuzzy
msgid "Delete key"
msgstr "activa una clau"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "AVÍS: %s és una opció desaconsellada.\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Notació de signatura: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 signatura errònia\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d signatures errònies\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "AVÍS: %s és una opció desaconsellada.\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "AVÍS: %s és una opció desaconsellada.\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "AVÍS: %s és una opció desaconsellada.\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "la contrasenya és errònia"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#~ "AVÍS: les opcions en «%s» encara no estan actives durant aquesta "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
msgstr ""
"Prosím, zadejte vaše heslo, aby pro tuto relaci mohl být odemknut tajný klíč"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Heslo:"
+
msgid "does not match - try again"
msgstr "neshodují se – zkuste to znovu"
msgid "Bad Passphrase"
msgstr "Špatné heslo"
-msgid "Passphrase"
-msgstr "Heslo"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "SSH klíče delší než %d bitů nejsou podporovány\n"
msgstr[2] ""
"Heslo by mělo obsahovat alespoň %u číslic nebo %%0Azvláštních znaků."
-#, c-format
+#, fuzzy, c-format
+#| msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgstr ""
"Heslo by nemělo být známým slovem nebo se shodovat%%0As určitým vzorem."
"Prosím, vložte heslo nebo PIN\n"
"potřebný pro dokončení této operace."
-msgid "Passphrase:"
-msgstr "Heslo:"
-
msgid "cancelled\n"
msgstr "zrušeno\n"
msgid "I'll change it later"
msgstr "Změním jej později"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Opravdu chcete smazat vybrané klíče? (a/N) "
+
msgid "Delete key"
msgstr "Smazat klíč"
msgstr "při pokusu alokovat %lu bajtů došla paměť"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: zastaralý parametr „%s“ – neúčinkuje\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "VAROVÁNÍ: „%s%s“ je zastaralý parametr – neúčinkuje\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "gpg-agent neběží – spouští se „%s“\n"
msgid "Signature notation: "
msgstr "Podepisovací notace: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 špatný podpis\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d špatných podpisů\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "Pozor: %lu klíč(ů) přeskočen(o) kvůli jejich přílišné velikosti\n"
msgstr "VAROVÁNÍ: používání příkaz „%s“ se nedoporučuje - nepoužívejte jej\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: zastaralý parametr „%s“ – neúčinkuje\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "VAROVÁNÍ: „%s%s“ je zastaralý parametr – neúčinkuje\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "%s:%u: „%s“ je v tomto souboru zastaralý – účinkuje pouze v %s\n"
"Syntaxe: gpg-check-pattern [volby] soubor_se_vzorem\n"
"Prověří heslo zadané na vstupu proti souboru se vzory\n"
+#~ msgid "Passphrase"
+#~ msgstr "Heslo"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "používat dočasné soubory na přenos dat k modulům pro servery klíčů"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "_O.k."
"Indtast din adgangsfrase, så at den hemmelige nøgle kan låses op for denne "
"session"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Adgangsfrase:"
+
msgid "does not match - try again"
msgstr "matcher ikke - prøv igen"
msgid "Bad Passphrase"
msgstr "Ugyldig adgangsfrase"
-msgid "Passphrase"
-msgstr "Adgangsfrase"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "ssh-nøgler større end %d bit er ikke understøttet\n"
"Indtast venligst adgangsfrasen eller PIN'en\n"
"krævet for at færdiggøre denne handling."
-msgid "Passphrase:"
-msgstr "Adgangsfrase:"
-
msgid "cancelled\n"
msgstr "afbrudt\n"
msgid "I'll change it later"
msgstr "Jeg ændrer den senere"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Vil du virkelig slette de valgte nøgler? (j/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgid "out of core while allocating %lu bytes"
msgstr "ikke nok kerne under allokering af %lu byte"
+#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: forældet indstilling »%s« - den har ingen effekt\n"
+
+#, fuzzy, c-format
+#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "ADVARSEL: »%s« er en forældet indstilling - den har ingen effekt\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
#, fuzzy, c-format
#| msgid "no running gpg-agent - starting one\n"
msgid "no running gpg-agent - starting '%s'\n"
msgid "Signature notation: "
msgstr "Underskriftsnotation: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 ugyldig underskrift\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d ugyldige underskrifter\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "ADVARSEL: »%s« er en forældet kommando - brug den ikke\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: forældet indstilling »%s« - den har ingen effekt\n"
-
-#, fuzzy, c-format
-#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "ADVARSEL: »%s« er en forældet indstilling - den har ingen effekt\n"
-
#, fuzzy, c-format
#| msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
"Syntaks: gpg-check-pattern [tilvalg] mønsterfil\n"
"Kontroller en adgangsfrase angivet på stdin mod mønsterfilen\n"
+#~ msgid "Passphrase"
+#~ msgstr "Adgangsfrase"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "brug midlertidige filer til at sende data til nøgleserverhjælpere"
msgstr ""
"Project-Id-Version: gnupg-2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-06-11 13:03+0200\n"
+"PO-Revision-Date: 2015-07-01 13:04+0200\n"
"Last-Translator: Werner Koch <wk@gnupg.org>\n"
"Language-Team: German <de@li.org>\n"
"Language: de\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "_OK"
"Bitte geben Sie Ihre Passphrase ein, so daß der geheime Schlüssel benutzt "
"werden kann."
+msgid "PIN:"
+msgstr "PIN:"
+
+msgid "Passphrase:"
+msgstr "Passphrase:"
+
msgid "does not match - try again"
msgstr "Keine Übereinstimmung - bitte nochmal versuchen."
msgid "Bad Passphrase"
msgstr "Falsche Passphrase!"
-msgid "Passphrase"
-msgstr "Passphrase"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "SSH Schlüssel von mehr als %d Bits werden nicht unterstützt\n"
"Die Eingabe der Passphrase bzw. der PIN\n"
"wird benötigt, um diese Aktion auszuführen."
-msgid "Passphrase:"
-msgstr "Passphrase:"
-
msgid "cancelled\n"
msgstr "Vom Benutzer abgebrochen\n"
msgid "I'll change it later"
msgstr "Ich werde sie später ändern"
+#, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr ""
+"Möchten Sie den Schlüssel mit dem \"Keygrip\"%%0A %s%%0A %%C%%0Awirklich "
+"entfernen?"
+
msgid "Delete key"
msgstr "Schlüssel löschen"
msgstr "Kein Speicher mehr vorhanden, als %lu Byte zugewiesen werden sollten"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: Die Option \"%s\" is veraltet - sie hat keine Wirkung\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "WARNUNG: \"%s%s\" ist eine veraltete Option - sie hat keine Wirkung.\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr "Unbekanntes Debug Flag '%s' wird ignoriert\n"
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "Kein aktiver gpg-agent - `%s' wird gestartet\n"
msgid "Signature notation: "
msgstr "Beglaubigungs-\"Notation\": "
+msgid "1 good signature\n"
+msgstr "1 korrekte Signatur\n"
+
+#, c-format
+msgid "%d good signatures\n"
+msgstr "%d korrekte Signaturen\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "WARNUNG: %lu Schlüssel übersprungen, da sie zu groß sind\n"
"WARNUNG: \"%s\" ist ein nicht ratsamer Befehl - verwenden Sie ihn nicht.\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: Die Option \"%s\" is veraltet - sie hat keine Wirkung\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "WARNUNG: \"%s%s\" ist eine veraltete Option - sie hat keine Wirkung.\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr ""
"%s:%u: Die Option \"%s\" is veraltet - sie hat eine Wirkung nur in %s.\n"
"Syntax: gpg-check-pattern [optionen] Musterdatei\n"
"Die von stdin gelesene Passphrase gegen die Musterdatei prüfen\n"
+#~ msgid "Passphrase"
+#~ msgstr "Passphrase"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "verwende temporäre Dateien, um Daten an die Schlüsselserverhilfsprogramme "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "ÐëçêôñïëïãÞóôå ôç öñÜóç êëåéäß· áõôÞ åßíáé ìéá ìõóôéêÞ ðñüôáóç \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "êáêÞ öñÜóç êëåéäß"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "êáêÞ öñÜóç êëåéäß"
-#, fuzzy
-msgid "Passphrase"
-msgstr "êáêÞ öñÜóç êëåéäß"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "äåí õðïóôçñßæåôáé ï áëãüñéèìïò ðñïóôáóßáò %d%s\n"
msgstr "ÐëçêôñïëïãÞóôå ôç öñÜóç êëåéäß· áõôÞ åßíáé ìéá ìõóôéêÞ ðñüôáóç \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "êáêÞ öñÜóç êëåéäß"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Áêýñùóç"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Óßãïõñá èÝëåôå íá äéáãñáöïýí ôá åðéëåãìÝíá êëåéäéÜ; "
+
#, fuzzy
msgid "Delete key"
msgstr "åíåñãïðïéåß Ýíá êëåéäß"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "ÐÑÏÅÉÄÏÐÏÉÇÓÇ: \"%s\" åßíáé ìéá ìç óõíåéóôþìåíç åðéëïãÞ\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Óçìåßùóç õðïãñáöÞò: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 êáêÞ õðïãñáöÞ\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d êáêÝò õðïãñáöÝò\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "ÐÑÏÅÉÄÏÐÏÉÇÓÇ: \"%s\" åßíáé ìéá ìç óõíåéóôþìåíç åðéëïãÞ\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "ÐÑÏÅÉÄÏÐÏÉÇÓÇ: \"%s\" åßíáé ìéá ìç óõíåéóôþìåíç åðéëïãÞ\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "ÐÑÏÅÉÄÏÐÏÉÇÓÇ: \"%s\" åßíáé ìéá ìç óõíåéóôþìåíç åðéëïãÞ\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "êáêÞ öñÜóç êëåéäß"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#~ "ÐÑÏÅÉÄÏÐÏÉÇÓÇ: ïé åðéëïãåò óôï `%s' äåí åßíáé åíåñãÝò óå áõôÞ ôçí "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Bonvolu doni la pasfrazon; tio estas sekreta frazo \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "malbona pasfrazo"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "malbona pasfrazo"
-#, fuzzy
-msgid "Passphrase"
-msgstr "malbona pasfrazo"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "protekto-metodo %d%s ne estas realigita\n"
msgstr "Bonvolu doni la pasfrazon; tio estas sekreta frazo \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "malbona pasfrazo"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "nuligita de uzanto\n"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Æu vi vere volas forviþi la elektitajn þlosilojn? "
+
#, fuzzy
msgid "Delete key"
msgstr "þalti þlosilon"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "AVERTO: '%s' estas malplena dosiero\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Subskribo-notacio: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 malbona subskribo\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d malbonaj subskriboj\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "AVERTO: '%s' estas malplena dosiero\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "AVERTO: '%s' estas malplena dosiero\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "AVERTO: '%s' estas malplena dosiero\n"
"Check a passphrase given on stdin against the patternfile\n"
msgstr ""
+#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "malbona pasfrazo"
+
#~ msgid "gpg-agent is not available in this session\n"
#~ msgstr "gpg-agent ne estas disponata en æi tiu sesio\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|entrada de pin-etiqueta|_OK"
"Por favor introduzca la frase contraseña para desbloquear la clave secreta "
"de esta sesión"
+msgid "PIN:"
+msgstr ""
+
+# ¿Por qué no frase de paso?
+# Porque todo el mundo sabe lo que es una contraseña
+# y una "frase de paso" no. Soy consciente de que se
+# traduce igual password y passphrase pero el contexto
+# permite saber de lo que se está hablando.
+# No sé, no sé.
+# ¿Por qué los ingleses entonces sí que saben lo que es un "passphrase"?
+# ¿Es que son más listos? :-)
+#
+msgid "Passphrase:"
+msgstr "Frase contraseña:"
+
msgid "does not match - try again"
msgstr "no coincide - reinténtelo"
msgid "Bad Passphrase"
msgstr "Frase contraseña errónea"
-# ¿Por qué no frase de paso?
-# Porque todo el mundo sabe lo que es una contraseña
-# y una "frase de paso" no. Soy consciente de que se
-# traduce igual password y passphrase pero el contexto
-# permite saber de lo que se está hablando.
-# No sé, no sé.
-# ¿Por qué los ingleses entonces sí que saben lo que es un "passphrase"?
-# ¿Es que son más listos? :-)
-#
-msgid "Passphrase"
-msgstr "Frase contraseña"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "no pueden usarse claves ssh de más de %d bits\n"
"Por favor introduzca la frase contraseña o PIN\n"
"necesarios para completar esta operación."
-# ¿Por qué no frase de paso?
-# Porque todo el mundo sabe lo que es una contraseña
-# y una "frase de paso" no. Soy consciente de que se
-# traduce igual password y passphrase pero el contexto
-# permite saber de lo que se está hablando.
-# No sé, no sé.
-# ¿Por qué los ingleses entonces sí que saben lo que es un "passphrase"?
-# ¿Es que son más listos? :-)
-#
-msgid "Passphrase:"
-msgstr "Frase contraseña:"
-
msgid "cancelled\n"
msgstr "cancelado\n"
msgid "I'll change it later"
msgstr "La cambiaré más tarde"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "¿De verdad quiere borrar las claves seleccionadas? (s/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgid "out of core while allocating %lu bytes"
msgstr "error de memoria reservando %lu bytes"
+#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: opción obsoleta \"%s\" - no tiene efecto\n"
+
+#, fuzzy, c-format
+#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "ATENCIÓN: \"%s\" es una opción obsoleta - no tiene efecto\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
#, fuzzy, c-format
#| msgid "no running gpg-agent - starting one\n"
msgid "no running gpg-agent - starting '%s'\n"
msgid "Signature notation: "
msgstr "Notación de firma: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 firma incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d firmas incorrectas\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "ATENCIÓN: \"%s\" es una orden obsoleta - no la use\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: opción obsoleta \"%s\" - no tiene efecto\n"
-
-#, fuzzy, c-format
-#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "ATENCIÓN: \"%s\" es una opción obsoleta - no tiene efecto\n"
-
#, fuzzy, c-format
#| msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
"Compara frase contraseña dada en entrada estándar con un fichero de "
"patrones\n"
+# ¿Por qué no frase de paso?
+# Porque todo el mundo sabe lo que es una contraseña
+# y una "frase de paso" no. Soy consciente de que se
+# traduce igual password y passphrase pero el contexto
+# permite saber de lo que se está hablando.
+# No sé, no sé.
+# ¿Por qué los ingleses entonces sí que saben lo que es un "passphrase"?
+# ¿Es que son más listos? :-)
+#
+#~ msgid "Passphrase"
+#~ msgstr "Frase contraseña"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "usar ficheros temporales para pasar datos a los ayudantes delservidor de "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Palun sisestage parool; see on salajane tekst \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "halb parool"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "halb parool"
-#, fuzzy
-msgid "Passphrase"
-msgstr "halb parool"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "kaitse algoritm %d%s ei ole toetatud\n"
msgstr "Palun sisestage parool; see on salajane tekst \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "halb parool"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Katkesta"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Kas te tõesti soovite valitud võtmeid kustutada? "
+
#, fuzzy
msgid "Delete key"
msgstr "luba võti"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "HOIATUS: võtit \"%s\" ei soovitata kasutada.\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Allkirja noteerimine: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 halb allkiri\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d halba allkirja\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "HOIATUS: võtit \"%s\" ei soovitata kasutada.\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "HOIATUS: võtit \"%s\" ei soovitata kasutada.\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "HOIATUS: võtit \"%s\" ei soovitata kasutada.\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "halb parool"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr "HOIATUS: seaded failis `%s' pole seekord veel aktiivsed\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Ole hyvä ja syötä salasana, tämän on salainen lause \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "väärä salasana"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "väärä salasana"
-#, fuzzy
-msgid "Passphrase"
-msgstr "väärä salasana"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "suojausalgoritmi %d%s ei ole käytettävissä\n"
msgstr "Ole hyvä ja syötä salasana, tämän on salainen lause \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "väärä salasana"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Peru"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Haluatko varmasti poistaa valitut avaimet? "
+
#, fuzzy
msgid "Delete key"
msgstr "ota avain käyttöön"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "VAROITUS: \"%s\" on paheksuttu valitsin\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Allekirjoitusnotaatio: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 väärä allekirjoitus\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d väärää allekirjoitusta\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "VAROITUS: \"%s\" on paheksuttu valitsin\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "VAROITUS: \"%s\" on paheksuttu valitsin\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "VAROITUS: \"%s\" on paheksuttu valitsin\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "väärä salasana"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#~ "VAROITUS: asetukset tiedostossa \"%s\" eivät ole käytössä vielä tässä "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
"Veuillez entrer votre phrase secrète, afin de débloquer la clef secrète "
"pendant cette session"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Phrase secrète :"
+
msgid "does not match - try again"
msgstr "ne correspond pas — veuillez réessayer"
msgid "Bad Passphrase"
msgstr "Mauvaise phrase secrète"
-msgid "Passphrase"
-msgstr "Phrase secrète"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "les clefs SSH plus grandes que %d bits ne sont pas prises en charge\n"
"Une phrase secrète devrait contenir au moins %u chiffres%%0Aou caractères "
"spéciaux."
-#, c-format
+#, fuzzy, c-format
+#| msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgstr ""
"Une phrase secrète ne devrait ni être un mot commun,%%0Ani correspondre à un "
"Veuillez entrer la phrase secrète ou le code personnel\n"
"nécessaires pour terminer cette opération."
-msgid "Passphrase:"
-msgstr "Phrase secrète :"
-
msgid "cancelled\n"
msgstr "annulé\n"
msgid "I'll change it later"
msgstr "Je la modifierai plus tard"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Voulez-vous vraiment supprimer les clefs sélectionnées ? (o/N) "
+
msgid "Delete key"
msgstr "Supprimer la clef"
msgstr "hors limite lors de l'allocation de %lu octets"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s : %u : option « %s » obsolète — non prise en compte\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "Attention : « %s%s » est une option obsolète — non prise en compte\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
"pas d'instance de gpg-agent en cours d'exécution — démarrage de « %s »\n"
msgid "Signature notation: "
msgstr "Notation de signature : "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 mauvaise signature\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d mauvaises signatures\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "Attention : %lu clefs ignorées en raison de leur grande taille\n"
msgstr "Attention : « %s » est une commande déconseillée — ne l'utilisez pas\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s : %u : option « %s » obsolète — non prise en compte\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "Attention : « %s%s » est une option obsolète — non prise en compte\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr ""
"%s : %u : « %s » est obsolète dans ce fichier — n’est prise en compte que "
"Vérifier une phrase secrète donnée sur l'entrée standard par rapport à "
"ficmotif\n"
+#~ msgid "Passphrase"
+#~ msgstr "Phrase secrète"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "utiliser des fichiers temporaires pour passer les données aux assistants "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Por favor, introduza o contrasinal; esta é unha frase secreta \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "contrasinal erróneo"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "contrasinal erróneo"
-#, fuzzy
-msgid "Passphrase"
-msgstr "contrasinal erróneo"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "o algoritmo de protección %d%s non está soportado\n"
msgstr "Por favor, introduza o contrasinal; esta é unha frase secreta \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "contrasinal erróneo"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Cancelar"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "¿Seguro de que quere borra-las chaves seleccionadas? "
+
#, fuzzy
msgid "Delete key"
msgstr "habilitar unha chave"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "AVISO: \"%s\" é unha opción a extinguir\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Notación de sinaturas: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 sinatura errónea\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d sinaturas erróneas\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "AVISO: \"%s\" é unha opción a extinguir\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "AVISO: \"%s\" é unha opción a extinguir\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "AVISO: \"%s\" é unha opción a extinguir\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "contrasinal erróneo"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr "AVISO: as opcións de `%s' aínda non están activas nesta execución\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Kérem, adja meg a jelszót! Ezt egy titkos mondat. \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "rossz jelszó"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "rossz jelszó"
-#, fuzzy
-msgid "Passphrase"
-msgstr "rossz jelszó"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "%d%s védõ algoritmus nem támogatott.\n"
msgstr "Kérem, adja meg a jelszót! Ezt egy titkos mondat. \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "rossz jelszó"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Mégsem"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Valóban törli a kiválasztott kulcsokat? "
+
#, fuzzy
msgid "Delete key"
msgstr "kulcs engedélyezése"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "FIGYELEM: \"%s\" elavult opció!\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Aláírás-jelölés: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 rossz aláírás.\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d rossz aláírás.\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "FIGYELEM: \"%s\" elavult opció!\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "FIGYELEM: \"%s\" elavult opció!\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "FIGYELEM: \"%s\" elavult opció!\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "rossz jelszó"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#~ "FIGYELEM: \"%s\" opciói csak a következõ futáskor lesznek érvényesek!\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Silakan masukkan passphrase; ini kalimat rahasia\n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "passphrase yang buruk"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "passphrase yang buruk"
-#, fuzzy
-msgid "Passphrase"
-msgstr "passphrase yang buruk"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "algoritma proteksi %d%s tidak didukung\n"
msgstr "Silakan masukkan passphrase; ini kalimat rahasia\n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "passphrase yang buruk"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Batal"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Anda ingin menghapus kunci terpilih ini? "
+
#, fuzzy
msgid "Delete key"
msgstr "aktifkan kunci"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "WARNING: \"%s\" adalah opsi terdepresiasi\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Notasi signature: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 signature yang buruk\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d signature yang buruk\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "WARNING: \"%s\" adalah opsi terdepresiasi\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "WARNING: \"%s\" adalah opsi terdepresiasi\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "WARNING: \"%s\" adalah opsi terdepresiasi\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "passphrase yang buruk"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr "PERINGATAN: opsi dalam `%s' belum aktif selama pelaksanaan ini\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Inserisci la passphrase, cioè una frase segreta \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "passphrase errata"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "passphrase errata"
-#, fuzzy
-msgid "Passphrase"
-msgstr "passphrase errata"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "l'algoritmo di protezione %d%s non è gestito\n"
msgstr "Inserisci la passphrase, cioè una frase segreta \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "passphrase errata"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Cancella"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Vuoi davvero cancellare le chiavi selezionate? "
+
#, fuzzy
msgid "Delete key"
msgstr "abilita una chiave"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "ATTENZIONE: \"%s\" è una opzione deprecata\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Annotazione della firma: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "una firma non corretta\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d firme non corrette\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "ATTENZIONE: \"%s\" è una opzione deprecata\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "ATTENZIONE: \"%s\" è una opzione deprecata\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "ATTENZIONE: \"%s\" è una opzione deprecata\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "passphrase errata"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#~ "ATTENZIONE: le opzioni in `%s' non sono ancora attive durante questa\n"
#
msgid ""
msgstr ""
-"Project-Id-Version: gnupg 2.1.1\n"
+"Project-Id-Version: gnupg 2.1.5\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2014-12-17 09:43+0900\n"
+"PO-Revision-Date: 2015-06-16 12:46+0900\n"
"Last-Translator: NIIBE Yutaka <gniibe@fsij.org>\n"
"Language-Team: none\n"
"Language: ja\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
msgid "|pinentry-label|_Cancel"
-msgstr "|pinentry-label|_キャンセル"
+msgstr "|pinentry-label|キャンセル(_C)"
-#, fuzzy
-#| msgid "|pinentry-label|_OK"
msgid "|pinentry-label|_Yes"
-msgstr "|pinentry-label|_OK"
+msgstr "|pinentry-label|_Yes"
-#, fuzzy
-#| msgid "|pinentry-label|_OK"
msgid "|pinentry-label|_No"
-msgstr "|pinentry-label|_OK"
+msgstr "|pinentry-label|_No"
msgid "|pinentry-label|PIN:"
msgstr "|pinentry-label|PIN:"
-#, fuzzy
-#| msgid "|pinentry-label|_Cancel"
msgid "|pinentry-label|_Save in password manager"
-msgstr "|pinentry-label|_キャンセル"
+msgstr "|pinentry-label|パスワードマネージャに保管(_S)"
-#, fuzzy
-#| msgid "Do you really want to permanently delete the OpenPGP secret key:"
msgid "Do you really want to make your passphrase visible on the screen?"
-msgstr "選択したOpenPGP秘密鍵を本当に永久に削除しますか? (y/N) "
+msgstr "本当に画面にパスフレーズを見えるようにしますか?"
msgid "|pinentry-tt|Make passphrase visible"
-msgstr ""
+msgstr "|pinentry-tt|パスフレーズを見えるようにする"
-#, fuzzy
-#| msgid "Enter new passphrase"
msgid "|pinentry-tt|Hide passphrase"
-msgstr "新しいパスフレーズを入力してください"
+msgstr "|pinentry-tt|パスフレーズを隠す"
#. TRANSLATORS: This string is displayed by Pinentry as the label
#. for the quality bar.
msgid "Quality:"
-msgstr "品質: %s"
+msgstr "品質:"
#. TRANSLATORS: This string is a tooltip, shown by pinentry when
#. hovering over the quality bar. Please use an appropriate
"あなたのパスフレーズを入力してください(このセッションで秘密鍵のロックを解除す"
"るために使われます)"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "パスフレーズ:"
+
msgid "does not match - try again"
msgstr "一致しません - もう一度"
msgid "Bad Passphrase"
msgstr "パスフレーズが不正です"
-msgid "Passphrase"
-msgstr "パスフレーズ"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "ssh鍵で%dビットより大きいものはサポートされません\n"
"A passphrase should contain at least %u digits or%%0Aspecial characters."
msgstr[0] "パスフレーズは最低でも%u文字の数字か特殊文字を含むべきです。"
-#, c-format
+#, fuzzy, c-format
+#| msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgstr ""
"パスフレーズには、よく知られている用語や特定のパターンにマッチするものは%%0A"
msgid "do not use the SCdaemon"
msgstr "SCdaemonを使わない"
-#, fuzzy
-#| msgid "|NAME|connect to host NAME"
msgid "|NAME|accept some commands via NAME"
-msgstr "|NAME|ホストNAMEに接続する"
+msgstr "|NAME|NAMEからのコマンドを受け付ける"
msgid "ignore requests to change the TTY"
msgstr "TTYの変更要求を無視する"
msgid "do not use the PIN cache when signing"
msgstr "署名に対してPINの保持を使わない"
-#, fuzzy
-#| msgid "do not allow the reuse of old passphrases"
msgid "disallow the use of an external password cache"
-msgstr "å\8f¤ã\81\84ã\83\91ã\82¹ã\83\95ã\83¬ã\83¼ã\82ºã\82\92å\86\8d使ç\94¨ã\81\99ã\82\8bã\81\93ã\81¨ã\82\92èª\8dã\82\81ã\81ªã\81\84"
+msgstr "å¤\96é\83¨ã\81®ã\83\91ã\82¹ã\83¯ã\83¼ã\83\89ã\82ã\83£ã\83\83ã\82·ã\83¥ã\81®ä½¿ç\94¨ã\82\92èª\8dã\82\81ã\81ªã\81\84"
msgid "disallow clients to mark keys as \"trusted\""
msgstr "クライアントが鍵に\"trusted\"マークをつけることを認めない"
msgstr "pinentryより優先してパスフレーズ入力を認める"
msgid "allow passphrase to be prompted through Emacs"
-msgstr ""
+msgstr "Emacsを通じてパスフレーズを催促することを認める"
msgid "enable ssh support"
msgstr "sshサポートを有功にする"
"パスフレーズまたはPINを入力してください。\n"
"この操作を完了するのに必要です。"
-msgid "Passphrase:"
-msgstr "パスフレーズ:"
-
msgid "cancelled\n"
msgstr "キャンセルされました\n"
msgid "I'll change it later"
msgstr "後で変更する"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "選択した鍵を本当に削除しますか? (y/N) "
+
msgid "Delete key"
msgstr "鍵を削除する"
msgstr "%luバイトの確保においてメモリが足りません"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+"%s:%u: \"%s\"は、使われなくなったオプションです - なんの効果もありません\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr ""
+"*警告*: \"%s%s\"は、使われなくなったオプションです - なんの効果もありません\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "gpg-agentが実行されていません - '%s'を開始します\n"
msgstr "キーワードが長すぎます"
msgid "missing argument"
-msgstr "引数ありません"
+msgstr "å¼\95æ\95°ã\81\8cã\81\82ã\82\8aã\81¾ã\81\9bã\82\93"
msgid "invalid argument"
msgstr "無効な引数"
msgid "quickly generate a new key pair"
msgstr "すばやく新しい鍵ペアを生成"
-#, fuzzy
-#| msgid "quickly generate a new key pair"
msgid "quickly add a new user-id"
-msgstr "すばやく新しい鍵ペアを生成"
+msgstr "すばやく新しいユーザIDを追加"
msgid "full featured key pair generation"
msgstr "全機能の鍵ペアを生成"
msgid "Signature notation: "
msgstr "署名注釈: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "不正な署名1個\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "不正な署名%d個\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "*警告*: %lu 鍵がその大きさのためスキップされました\n"
msgstr "%s: 鍵リングができました\n"
msgid "override proxy options set for dirmngr"
-msgstr ""
+msgstr "dirmngrのプロキシ・オプション設定を押し切る"
msgid "include revoked keys in search results"
msgstr "失効した鍵を検索結果に含める"
msgstr "key IDによる検索に副鍵も含める"
msgid "override timeout options set for dirmngr"
-msgstr ""
+msgstr "dirmngrのタイムアウト・オプション設定を押し切る"
msgid "automatically retrieve keys when verifying signatures"
msgstr "署名の検証時に自動的に鍵を取得する"
msgstr "*警告*: \"%s\" は、廃止されているコマンドです - 使わないでください\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-"%s:%u: \"%s\"は、使われなくなったオプションです - なんの効果もありません\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr ""
-"*警告*: \"%s%s\"は、使われなくなったオプションです - なんの効果もありません\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr ""
"%s:%u: \"%s\"は、このファイルで使われなくなりました - %sになんの効果もありま"
"形式: gpg-check-pattern [オプション] パターンファイル\n"
"パターンファイルに対して標準入力のパスフレーズを確認する\n"
+#~ msgid "Passphrase"
+#~ msgstr "パスフレーズ"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "キーサーバ・ヘルパーにデータを与える際、一時ファイルを使う"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr ""
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "ugyldig passfrase"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "ugyldig passfrase"
-#, fuzzy
-msgid "Passphrase"
-msgstr "ugyldig passfrase"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr ""
msgstr ""
#, fuzzy
-msgid "Passphrase:"
-msgstr "ugyldig passfrase"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "cancel|cancel"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Vil du virkelig slette den valgte nøkkelen? (j/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr ""
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr ""
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 ubrukelig signatur\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d ubrukelige signaturer\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgstr ""
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr ""
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr ""
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "ugyldig passfrase"
+
+#, fuzzy
#~| msgid "WARNING: keyserver option `%s' is not used on this platform\n"
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
msgstr ""
"Proszê wprowadziæ swoje has³o, ¿eby odblokowaæ klucz tajny dla tej sesji"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Has³o:"
+
msgid "does not match - try again"
msgstr "nie pasuj± - proszê spróbowaæ jeszcze raz"
msgid "Bad Passphrase"
msgstr "Niepoprawne has³o"
-msgid "Passphrase"
-msgstr "Has³o"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "klucze ssh wiêksze ni¿ %d bitów nie s± obs³ugiwane\n"
"Proszê wprowadziæ has³o lub PIN\n"
"Potrzebny do zakoñczenia tej operacji."
-msgid "Passphrase:"
-msgstr "Has³o:"
-
msgid "cancelled\n"
msgstr "anulowano\n"
msgid "I'll change it later"
msgstr "Zmieniê je pó¼niej"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Czy na pewno chcesz usun±æ wybrane klucze? (t/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgid "out of core while allocating %lu bytes"
msgstr "brak miejsca podczas przydzielania %lu bajtów"
+#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: przestarza³a opcja ,,%s'' - nie ma efektu\n"
+
+#, fuzzy, c-format
+#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "OSTRZE¯ENIE: ,,%s'' jest przestarza³± opcj± - nie ma efektu\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
#, fuzzy, c-format
#| msgid "no running gpg-agent - starting one\n"
msgid "no running gpg-agent - starting '%s'\n"
msgid "Signature notation: "
msgstr "Adnotacje podpisu: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 niepoprawny podpis\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d niepoprawnych podpisów\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgstr ""
"OSTRZE¯ENIE: ,,%s'' jest przestarza³ym poleceniem - nie nale¿y go u¿ywaæ\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: przestarza³a opcja ,,%s'' - nie ma efektu\n"
-
-#, fuzzy, c-format
-#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "OSTRZE¯ENIE: ,,%s'' jest przestarza³± opcj± - nie ma efektu\n"
-
#, fuzzy, c-format
#| msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
"Sk³adnia: gpg-check-pattern [opcje] plik-wzorców\n"
"Sprawdzanie has³a ze standardowego wej¶cia wzglêdem pliku wzorców\n"
+#~ msgid "Passphrase"
+#~ msgstr "Has³o"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "u¿ycie plików tymczasowych do przekazywania danych do modu³ów obs³ugi "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Por favor digite a frase secreta \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "frase secreta incorrecta"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "frase secreta incorrecta"
-#, fuzzy
-msgid "Passphrase"
-msgstr "frase secreta incorrecta"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "algoritmo de protecção %d%s não é suportado\n"
msgstr "Por favor digite a frase secreta \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "frase secreta incorrecta"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "cancelado pelo utilizador\n"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Você quer realmente remover as chaves selecionadas? "
+
#, fuzzy
msgid "Delete key"
msgstr "activa uma chave"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "AVISO: \"%s\" é uma opção depreciada\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Notação de assinatura: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 assinatura incorrecta\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d assinaturas incorrectas\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "AVISO: \"%s\" é uma opção depreciada\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "AVISO: \"%s\" é uma opção depreciada\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "AVISO: \"%s\" é uma opção depreciada\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "frase secreta incorrecta"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr "AVISO: opções em `%s' ainda não estão activas nesta execução\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
msgstr ""
"Vã rugãm introduceþi fraza-parolã; aceasta este o propoziþie secretã \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "frazã-parolã incorectã"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "frazã-parolã incorectã"
-#, fuzzy
-msgid "Passphrase"
-msgstr "frazã-parolã incorectã"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "algoritm rezumat %d nu este suportat\n"
"Vã rugãm introduceþi fraza-parolã; aceasta este o propoziþie secretã \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "frazã-parolã incorectã"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "anulatã"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Doriþi într-adevãr sã ºtergeþi cheile selectate? (d/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "AVERTISMENT: \"%s\" este o opþiune învechitã\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Notare semnãturã: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 semnãturã incorectã\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d semnãturi incorecte\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "AVERTISMENT: \"%s\" este o comandã învechitã - nu o folosiþi\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "AVERTISMENT: \"%s\" este o opþiune învechitã\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "AVERTISMENT: \"%s\" este o opþiune învechitã\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "frazã-parolã incorectã"
+
+#, fuzzy
#~| msgid "WARNING: keyserver option `%s' is not used on this platform\n"
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr ""
-# Copyright (C)2006 Free Software Foundation, Inc.
+# Copyright (C) 2015 Free Software Foundation, Inc.
# This file is distributed under the same license as the GnuPG package.
# Maxim Britov <maxim.britov@gmail.com>, 2006.
# !-- no such user (2011-01-11)
msgstr ""
"Project-Id-Version: GnuPG 2.1.0\n"
"Report-Msgid-Bugs-To: translations@gnupg.org\n"
-"PO-Revision-Date: 2015-05-23 17:17+0000\n"
+"PO-Revision-Date: 2015-06-25 17:17+0000\n"
"Last-Translator: Ineiev <ineiev@gnu.org>\n"
"Language-Team: Russian <gnupg-ru@gnupg.org>\n"
"Language: ru\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
msgstr "|pinentry-tt|Показывать фразу-пароль"
msgid "|pinentry-tt|Hide passphrase"
-msgstr "pinentry-tt|Скрывать фразу-пароль"
+msgstr "|pinentry-tt|Скрывать фразу-пароль"
#. TRANSLATORS: This string is displayed by Pinentry as the label
#. for the quality bar.
"Введите фразу-пароль, чтобы сделать закрытый ключ доступным на протяжении "
"этого сеанса"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Фраза-пароль:"
+
msgid "does not match - try again"
msgstr "не подходит - попробуйте еще раз"
msgid "Bad Passphrase"
msgstr "Неверная фраза-пароль"
-msgid "Passphrase"
-msgstr "Фраза-пароль"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "ключи ssh длиннее %d бит не поддерживаются\n"
msgstr "разрешить клиентам замещать собой pinentry"
msgid "allow passphrase to be prompted through Emacs"
-msgstr ""
+msgstr "разрешить ввод фразы-пароля через Emacs"
msgid "enable ssh support"
msgstr "включить поддержку ssh"
"Введите фразу-пароль или PIN,\n"
"необходимые для выполнения данной операции."
-msgid "Passphrase:"
-msgstr "Фраза-пароль:"
-
msgid "cancelled\n"
msgstr "отменено\n"
msgid "I'll change it later"
msgstr "Сменю позже"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Вы действительно хотите удалить выбранные ключи? (y/N) "
+
msgid "Delete key"
msgstr "Удалить ключ"
msgstr "выход за границы при размещении %lu байтов"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: устаревший параметр \"%s\" - игнорируется\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "Внимание: параметр \"%s%s\" устарел - он игнорируется\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr "неизвестный отладочный флаг '%s' игнорируется\n"
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "агент gpg не работает - запускаем '%s'\n"
msgid "Signature notation: "
msgstr "Примечание к подписи: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 плохая подпись\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d плохих подписей\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "Внимание: %lu ключей пропущено из-за большого размера\n"
"Внимание: команда \"%s\" не рекомендуется к употреблению - не применяйте ее\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: устаревший параметр \"%s\" - игнорируется\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "Внимание: параметр \"%s%s\" устарел - он игнорируется\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "%s:%u: \"%s\" в этом файле устарело - оно действует только в %s\n"
"Синтаксис: gpg-check-pattern [параметры] файл_образцов\n"
"Проверить фразу-пароль, поступающую из stdin, по файлу образцов\n"
+#~ msgid "Passphrase"
+#~ msgstr "Фраза-пароль"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "передавать данные в сервер с помощью временных файлов"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "Prosím, vlo¾te heslo; toto je tajná veta \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "nesprávne heslo"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "nesprávne heslo"
-#, fuzzy
-msgid "Passphrase"
-msgstr "nesprávne heslo"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "ochranný algoritmus %d%s nie je podporováný\n"
msgstr "Prosím, vlo¾te heslo; toto je tajná veta \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "nesprávne heslo"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "Zru¹i»"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Skutoène chcete zmaza» vybrané kµúèe? "
+
#, fuzzy
msgid "Delete key"
msgstr "nastavi» kµúè ako platný (enable)"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "VAROVÁNÍ: pou¾itie parametra \"%s\" sa neodporúèa\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "Podpisová notácia: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 zlý podpis\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d zlých podpisov\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "VAROVÁNÍ: pou¾itie parametra \"%s\" sa neodporúèa\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "VAROVÁNÍ: pou¾itie parametra \"%s\" sa neodporúèa\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "VAROVÁNÍ: pou¾itie parametra \"%s\" sa neodporúèa\n"
msgstr ""
#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "nesprávne heslo"
+
+#, fuzzy
#~ msgid "WARNING: keyserver option '%s' is not used on this platform\n"
#~ msgstr "VAROVANIE: nastavenie v `%s' e¹te nie je aktívne\n"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "_OK"
msgstr ""
"Ange din lösenfras så att den hemliga nyckeln kan låsas upp för denna session"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Lösenfras:"
+
msgid "does not match - try again"
msgstr "stämmer inte överens - försök igen"
msgid "Bad Passphrase"
msgstr "Felaktig lösenfras"
-msgid "Passphrase"
-msgstr "Lösenfras"
-
# Skyddssammandraget låter underligt
# Kontrollsumma?
#, c-format
"Ange lösenfrasen eller PIN-koden som\n"
"behövs för att färdigställa denna åtgärd."
-msgid "Passphrase:"
-msgstr "Lösenfras:"
-
msgid "cancelled\n"
msgstr "avbruten\n"
msgid "I'll change it later"
msgstr "Jag ändrar den senare"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Vill du verkligen ta bort de valda nycklarna? (j/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgid "out of core while allocating %lu bytes"
msgstr "slut på kärna vid allokering av %lu byte"
+#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: föråldrad flagga \"%s\" - den har ingen effekt\n"
+
+#, fuzzy, c-format
+#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "VARNING: \"%s\" är en föråldrad flagga - den har ingen effekt\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
#, fuzzy, c-format
#| msgid "no running gpg-agent - starting one\n"
msgid "no running gpg-agent - starting '%s'\n"
msgid "Signature notation: "
msgstr "Signaturnotation: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 felaktig signatur\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d felaktiga signaturer\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "VARNING: \"%s\" är ett föråldrat kommando - använd det inte\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: föråldrad flagga \"%s\" - den har ingen effekt\n"
-
-#, fuzzy, c-format
-#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "VARNING: \"%s\" är en föråldrad flagga - den har ingen effekt\n"
-
#, fuzzy, c-format
#| msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
"Syntax: gpg-check-pattern [flaggor] mönsterfil\n"
"Kontrollera en lösenfras angiven på standard in mot mönsterfilen\n"
+#~ msgid "Passphrase"
+#~ msgstr "Lösenfras"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "använd temporärfiler för att skicka data till nyckelserverns hjälpprogram"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"Lütfen anahtar parolanızı giriniz, böylelikle bu oturumda bu gizli anahtar "
"kilitsiz olabilecek"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Anahtar Parolası:"
+
msgid "does not match - try again"
msgstr "aynı değiller - tekrar deneyin"
msgid "Bad Passphrase"
msgstr "Anahtar Parolası hatalı"
-msgid "Passphrase"
-msgstr "Anahtar Parolası"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "%d bitlikten daha büyük SSH anahtarları desteklenmiyor\n"
"Lütfen bu işlemi tamamlamak için gereken\n"
"PIN'i veya anahtar parolasını giriniz."
-msgid "Passphrase:"
-msgstr "Anahtar Parolası:"
-
msgid "cancelled\n"
msgstr "iptal edildi\n"
msgid "I'll change it later"
msgstr "Sonra değiştireceğim"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Seçili anahtarları gerçekten silmek istiyor musunuz? (e/H ya da y/N) "
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgid "out of core while allocating %lu bytes"
msgstr "%lu bayt ayrılırken nüve dışına çıkıldı"
+#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: eskimiş seçenek \"%s\" - artık etkisiz\n"
+
+#, fuzzy, c-format
+#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "UYARI: \"%s\" seçeneği eskidi - artık etkisiz\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
#, fuzzy, c-format
#| msgid "no running gpg-agent - starting one\n"
msgid "no running gpg-agent - starting '%s'\n"
msgid "Signature notation: "
msgstr "imza simgelemi: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 kötü imza\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d kötü imza\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "UYARI: \"%s\" komutu artık önerilmiyor - kullanmayın onu\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: eskimiş seçenek \"%s\" - artık etkisiz\n"
-
-#, fuzzy, c-format
-#| msgid "WARNING: \"%s\" is an obsolete option - it has no effect\n"
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "UYARI: \"%s\" seçeneği eskidi - artık etkisiz\n"
-
#, fuzzy, c-format
#| msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
"Standart girdiden verilen anahtar parolasını örüntü dosyasıyla "
"karşılaştırır\n"
+#~ msgid "Passphrase"
+#~ msgstr "Anahtar Parolası"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "anahtar sunucusu yardımcılarına veri aktaracak geçici dosyalar kullanılır"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "_Гаразд"
"Будь ласка, вкажіть ваш пароль, щоб ключ можна було розблокувати для цього "
"сеансу"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "Пароль:"
+
msgid "does not match - try again"
msgstr "паролі не збігаються, повторіть спробу"
msgid "Bad Passphrase"
msgstr "Помилковий пароль"
-msgid "Passphrase"
-msgstr "Пароль"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr ""
msgstr[1] "У паролі має бути принаймні %u цифри або%%0Aспеціальних символи."
msgstr[2] "У паролі має бути принаймні %u цифр або%%0Aспеціальних символів."
-#, c-format
+#, fuzzy, c-format
+#| msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgstr ""
"Паролем не повинно бути слово зі словника або слово%%0A, що відповідає "
"Будь ласка, вкажіть пароль або пінкод,\n"
"потрібні для завершення цієї дії."
-msgid "Passphrase:"
-msgstr "Пароль:"
-
msgid "cancelled\n"
msgstr "скасовано\n"
msgid "I'll change it later"
msgstr "Я зміню його пізніше"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "Справді бажаєте вилучити вибрані ключі? (y/N або т/Н) "
+
msgid "Delete key"
msgstr "Вилучити ключ"
msgstr "вихід за межі області під час спроби отримання %lu байтів"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: застарілий параметр «%s» — він не працюватиме\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "УВАГА: «%s%s» є застарілим параметром — він не працюватиме\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "не запущено gpg-agent — запускаємо «%s»\n"
msgid "Signature notation: "
msgstr "Примітка підпису: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 помилковий підпис\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d помилкових підписів\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "Попередження: %lu ключів пропущено через їхній надто великий розмір\n"
msgstr "УВАГА: «%s» вважається застарілою командою — не користуйтеся нею\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: застарілий параметр «%s» — він не працюватиме\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "УВАГА: «%s%s» є застарілим параметром — він не працюватиме\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "%s:%u: «%s» є застарілим у цьому файлі — він працює лише у %s\n"
"Синтаксис: gpg-check-pattern [параметри] файл_шаблонів\n"
"Перевірити пароль, вказаний у stdin, за допомогою файла_шаблонів\n"
+#~ msgid "Passphrase"
+#~ msgstr "Пароль"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr ""
#~ "використовувати тимчасові файли для передавання даних до допоміжних "
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr ""
"this session"
msgstr "请输入密码:这是一个秘密的句子 \n"
+msgid "PIN:"
+msgstr ""
+
+#, fuzzy
+msgid "Passphrase:"
+msgstr "错误的密码"
+
msgid "does not match - try again"
msgstr ""
msgid "Bad Passphrase"
msgstr "错误的密码"
-#, fuzzy
-msgid "Passphrase"
-msgstr "错误的密码"
-
#, fuzzy, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "不支持保护散列 %d\n"
msgstr "请输入密码:这是一个秘密的句子 \n"
#, fuzzy
-msgid "Passphrase:"
-msgstr "错误的密码"
-
-#, fuzzy
msgid "cancelled\n"
msgstr "已取消"
msgid "I'll change it later"
msgstr ""
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "您真的想要删除选定的密钥吗?(y/N)"
+
#, fuzzy
#| msgid "enable key"
msgid "Delete key"
msgstr ""
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr ""
+
+#, fuzzy, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "警告:“%s”选项已不建议使用\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr ""
msgid "Signature notation: "
msgstr "签名注记:"
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 个损坏的签名\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d 个损坏的签名\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr ""
msgid "WARNING: \"%s\" is a deprecated command - do not use it\n"
msgstr "警告:“%s”命令已不建议使用——不要使用它\n"
-#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr ""
-
-#, fuzzy, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "警告:“%s”选项已不建议使用\n"
-
#, fuzzy, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "警告:“%s”选项已不建议使用\n"
"Check a passphrase given on stdin against the patternfile\n"
msgstr ""
+#, fuzzy
+#~ msgid "Passphrase"
+#~ msgstr "错误的密码"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "向公钥服务器辅助程序传递数据时使用临时文件"
#. Pinentries. An underscore indicates that the next letter
#. should be used as an accelerator. Double the underscore for
#. a literal one. The actual to be translated text starts after
-#. the second vertical bar.
+#. the second vertical bar. Note that gpg-agent has been set to
+#. utf-8 so that the strings are in the expected encoding.
msgid "|pinentry-label|_OK"
msgstr "|pinentry-label|_OK"
"this session"
msgstr "請輸入你的密語以便在此階段作業中解開私鑰"
+msgid "PIN:"
+msgstr ""
+
+msgid "Passphrase:"
+msgstr "密語:"
+
msgid "does not match - try again"
msgstr "前後不一致 - 請再試一次"
msgid "Bad Passphrase"
msgstr "不良的密語"
-msgid "Passphrase"
-msgstr "密語"
-
#, c-format
msgid "ssh keys greater than %d bits are not supported\n"
msgstr "未支援大於 %d 位元的 ssh 金鑰\n"
"A passphrase should contain at least %u digits or%%0Aspecial characters."
msgstr[0] "密語至少得要含有 %u 個數字或%%0A特別字符."
-#, c-format
+#, fuzzy, c-format
+#| msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgid "A passphrase may not be a known term or match%%0Acertain pattern."
msgstr "密語不得含有已知的詞彙, 亦不得與%%0A確知的模式吻合."
"請輸入完成這項操作所需的\n"
"密語或個人識別碼 (PIN)."
-msgid "Passphrase:"
-msgstr "密語:"
-
msgid "cancelled\n"
msgstr "已取消\n"
msgid "I'll change it later"
msgstr "我稍後再變更"
+#, fuzzy, c-format
+#| msgid "Do you really want to delete the selected keys? (y/N) "
+msgid ""
+"Do you really want to delete the key identified by keygrip%%0A %s%%0A %%C"
+"%%0A?"
+msgstr "你真的想要刪除所選的金鑰嗎? (y/N) "
+
msgid "Delete key"
msgstr "刪除金鑰"
msgstr "配置 %lu 位元組時超出核心"
#, c-format
+msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
+msgstr "%s:%u: 廢棄的 \"%s\" 選項 - 沒有任何影響\n"
+
+#, c-format
+msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
+msgstr "警告: \"%s%s\" 是已廢棄的選項 - 沒有效果\n"
+
+#, c-format
+msgid "unknown debug flag '%s' ignored\n"
+msgstr ""
+
+#, c-format
msgid "no running gpg-agent - starting '%s'\n"
msgstr "沒有執行中的 gpg-agent - 正在啟動 '%s'\n"
msgid "Signature notation: "
msgstr "簽章註記: "
+#, fuzzy
+#| msgid "1 bad signature\n"
+msgid "1 good signature\n"
+msgstr "1 份損壞的簽章\n"
+
+#, fuzzy, c-format
+#| msgid "%d bad signatures\n"
+msgid "%d good signatures\n"
+msgstr "%d 份損壞的簽章\n"
+
#, c-format
msgid "Warning: %lu key(s) skipped due to their large size\n"
msgstr "警告: %lu 把金鑰因尺寸太大已跳過\n"
msgstr "警告: \"%s\" 是個棄而不顧的指令 - 別再用了\n"
#, c-format
-msgid "%s:%u: obsolete option \"%s\" - it has no effect\n"
-msgstr "%s:%u: 廢棄的 \"%s\" 選項 - 沒有任何影響\n"
-
-#, c-format
-msgid "WARNING: \"%s%s\" is an obsolete option - it has no effect\n"
-msgstr "警告: \"%s%s\" 是已廢棄的選項 - 沒有效果\n"
-
-#, c-format
msgid "%s:%u: \"%s\" is obsolete in this file - it only has effect in %s\n"
msgstr "%s:%u: 此檔案內的 \"%s\" 已廢棄 - 僅對 %s 有影響\n"
"語法: gpg-check-pattern [選項] 樣式檔案\n"
"用樣式檔案來檢查由標準輸入給定的密語\n"
+#~ msgid "Passphrase"
+#~ msgstr "密語"
+
#~ msgid "use temporary files to pass data to keyserver helpers"
#~ msgstr "用暫存檔來將資料遞送給金鑰伺服器協助程式"
reader_table[slot].is_spr532 = 1;
reader_table[slot].pinpad_varlen_supported = 1;
}
- else if (strstr (reader_table[slot].rdrname, "ST-2xxx")
- || strstr (reader_table[slot].rdrname, "cyberJack")
+ else if (strstr (reader_table[slot].rdrname, "ST-2xxx"))
+ {
+ reader_table[slot].pcsc.pinmax = 15;
+ reader_table[slot].pinpad_varlen_supported = 1;
+ }
+ else if (strstr (reader_table[slot].rdrname, "cyberJack")
|| strstr (reader_table[slot].rdrname, "DIGIPASS")
|| strstr (reader_table[slot].rdrname, "Gnuk")
|| strstr (reader_table[slot].rdrname, "KAAN"))
reader_table[slot].is_spr532 = 1;
reader_table[slot].pinpad_varlen_supported = 1;
}
- else if ((vendor == 0x046a && product == 0x003e) /* Cherry ST-2xxx */
- || vendor == 0x0c4b /* Tested with Reiner cyberJack GO */
+ else if (vendor == 0x046a && product == 0x003e) /* Cherry ST-2xxx */
+ {
+ reader_table[slot].pcsc.pinmax = 15;
+ reader_table[slot].pinpad_varlen_supported = 1;
+ }
+ else if (vendor == 0x0c4b /* Tested with Reiner cyberJack GO */
|| vendor == 0x1a44 /* Tested with Vasco DIGIPASS 920 */
|| vendor == 0x234b /* Tested with FSIJ Gnuk Token */
|| vendor == 0x0d46 /* Tested with KAAN Advanced??? */)
int sw;
unsigned char *pin_verify;
int len = PIN_VERIFY_STRUCTURE_SIZE + pininfo->fixedlen;
- unsigned char result[2];
- pcsc_dword_t resultlen = 2;
+ /*
+ * The result buffer is only expected to have two-byte result on
+ * return. However, some implementation uses this buffer for lower
+ * layer too and it assumes that there is enough space for lower
+ * layer communication. Such an implementation fails for TPDU
+ * readers with "insufficient buffer", as it needs header and
+ * trailer. Six is the number for header + result + trailer (TPDU).
+ */
+ unsigned char result[6];
+ pcsc_dword_t resultlen = 6;
int no_lc;
if (!reader_table[slot].atrlen
int sw;
unsigned char *pin_modify;
int len = PIN_MODIFY_STRUCTURE_SIZE + 2 * pininfo->fixedlen;
- unsigned char result[2];
- pcsc_dword_t resultlen = 2;
+ unsigned char result[6]; /* See the comment at pinpad_verify. */
+ pcsc_dword_t resultlen = 6;
int no_lc;
if (!reader_table[slot].atrlen
/* app-openpgp.c - The OpenPGP card application.
* Copyright (C) 2003, 2004, 2005, 2007, 2008,
- * 2009, 2013, 2014 Free Software Foundation, Inc.
+ * 2009, 2013, 2014, 2015 Free Software Foundation, Inc.
*
* This file is part of GnuPG.
*
{ 0x0103, 0, 0, 0, 0, 0, 0, 0, "Private DO 3"},
{ 0x0104, 0, 0, 0, 0, 0, 0, 0, "Private DO 4"},
{ 0x7F21, 1, 0, 1, 0, 0, 0, 1, "Cardholder certificate"},
+ /* V3.0 */
+ { 0x7F74, 0, 0, 1, 0, 0, 0, 0, "General Feature Management"},
+ { 0x00D5, 0, 0, 1, 0, 0, 0, 0, "AES key data"},
{ 0 }
};
struct
{
unsigned int is_v2:1; /* This is a v2.0 compatible card. */
+ unsigned int sm_supported:1; /* Secure Messaging is supported. */
unsigned int get_challenge:1;
unsigned int key_import:1;
unsigned int change_force_chv:1;
unsigned int private_dos:1;
unsigned int algo_attr_change:1; /* Algorithm attributes changeable. */
- unsigned int sm_supported:1; /* Secure Messaging is supported. */
- unsigned int sm_aes128:1; /* Use AES-128 for SM. */
+ unsigned int has_decrypt:1; /* Support symmetric decryption. */
+ unsigned int has_button:1;
+ unsigned int sm_algo:2; /* Symmetric crypto algo for SM. */
unsigned int max_certlen_3:16;
unsigned int max_get_challenge:16; /* Maximum size for get_challenge. */
unsigned int max_cmd_data:16; /* Maximum data size for a command. */
char tmp[110];
snprintf (tmp, sizeof tmp,
- "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d sm=%d si=%u",
+ "gc=%d ki=%d fc=%d pd=%d mcl3=%u aac=%d "
+ "sm=%d si=%u dec=%d bt=%d",
app->app_local->extcap.get_challenge,
app->app_local->extcap.key_import,
app->app_local->extcap.change_force_chv,
app->app_local->extcap.max_certlen_3,
app->app_local->extcap.algo_attr_change,
(app->app_local->extcap.sm_supported
- ? (app->app_local->extcap.sm_aes128? 7 : 2)
+ ? (app->app_local->extcap.sm_algo == 0? 2 :
+ (app->app_local->extcap.sm_algo == 1? 7 : 9))
: 0),
- app->app_local->status_indicator);
+ app->app_local->status_indicator,
+ app->app_local->extcap.has_decrypt,
+ app->app_local->extcap.has_button);
send_status_info (ctrl, table[idx].name, tmp, strlen (tmp), NULL, 0);
return 0;
}
{ "SM-KEY-ENC", 0x00D1, 3, 0, 1 },
{ "SM-KEY-MAC", 0x00D2, 3, 0, 1 },
{ "KEY-ATTR", 0, 0, 3, 1 },
+ { "AESKEY", 0x00D5, 3, 0, 1 },
{ NULL, 0 }
};
int exmode;
log_info ("Algo-Attr-Change: %s\n", s->extcap.algo_attr_change? "yes":"no");
log_info ("SM-Support .....: %s", s->extcap.sm_supported? "yes":"no");
if (s->extcap.sm_supported)
- log_printf (" (%s)", s->extcap.sm_aes128? "AES-128":"3DES");
+ log_printf (" (%s)", s->extcap.sm_algo==2? "3DES":
+ (s->extcap.sm_algo==2? "AES-128" : "AES-256"));
log_info ("Max-Cert3-Len ..: %u\n", s->extcap.max_certlen_3);
log_info ("Max-Cmd-Data ...: %u\n", s->extcap.max_cmd_data);
log_info ("Max-Rsp-Data ...: %u\n", s->extcap.max_rsp_data);
log_info ("Cmd-Chaining ...: %s\n", s->cardcap.cmd_chaining?"yes":"no");
log_info ("Ext-Lc-Le ......: %s\n", s->cardcap.ext_lc_le?"yes":"no");
log_info ("Status Indicator: %02X\n", s->status_indicator);
+ log_info ("Symmetric crypto: %s\n", s->extcap.has_decrypt? "yes":"no");
+ log_info ("Button..........: %s\n", s->extcap.has_button? "yes":"no");
log_info ("GnuPG-No-Sync ..: %s\n", s->flags.no_sync? "yes":"no");
log_info ("GnuPG-Def-PW2 ..: %s\n", s->flags.def_chv2? "yes":"no");
app->app_local->extcap.change_force_chv = !!(*buffer & 0x10);
app->app_local->extcap.private_dos = !!(*buffer & 0x08);
app->app_local->extcap.algo_attr_change = !!(*buffer & 0x04);
+ app->app_local->extcap.has_decrypt = !!(*buffer & 0x02);
}
if (buflen >= 10)
{
/* Available with v2 cards. */
- app->app_local->extcap.sm_aes128 = (buffer[1] == 1);
+ app->app_local->extcap.sm_algo = buffer[1];
app->app_local->extcap.max_get_challenge
= (buffer[2] << 8 | buffer[3]);
app->app_local->extcap.max_certlen_3 = (buffer[4] << 8 | buffer[5]);
if (app->card_version <= 0x0100 && manufacturer == 1)
app->app_local->extcap.change_force_chv = 1;
+ /* Check optional DO of "General Feature Management" for button. */
+ relptr = get_one_do (app, 0x7f74, &buffer, &buflen, NULL);
+ if (relptr)
+ /* It must be: 03 81 01 20 */
+ app->app_local->extcap.has_button = 1;
+
parse_login_data (app);
if (opt.verbose)
size_t dummy_nresp;
int testmode;
int cherry_mode = 0;
+ int add_zero = 0;
int enable_varlen = 0;
testmode = !resp && !nresp;
enable_varlen = 1;
break;
case VENDOR_CHERRY:
- pininfo->maxlen = 25;
+ pininfo->maxlen = 15;
enable_varlen = 1;
/* The CHERRY XX44 keyboard echos an asterisk for each entered
character on the keyboard channel. We use a special variant
Lc byte to the APDU. It seems that it will be replaced with
the actual length instead of being appended before the APDU
is send to the card. */
+ add_zero = 1;
if (handle->id_product != CHERRY_ST2000)
cherry_mode = 1;
break;
msg[msglen++] = apdu_buf[1]; /* INS */
msg[msglen++] = apdu_buf[2]; /* P1 */
msg[msglen++] = apdu_buf[3]; /* P2 */
- if (cherry_mode)
+ if (add_zero)
msg[msglen++] = 0;
else if (pininfo->fixedlen != 0)
{
ARGPARSE_s_n (oSh, "sh", N_("sh-style command output")),
ARGPARSE_s_n (oCsh, "csh", N_("csh-style command output")),
ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
- ARGPARSE_p_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
ARGPARSE_s_s (oDebugLevel, "debug-level" ,
N_("|LEVEL|set the debugging level to LEVEL")),
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_COMMAND_VALUE, "command" },
+ { DBG_MPI_VALUE , "mpi" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_IPC_VALUE , "ipc" },
+ { DBG_CARD_IO_VALUE, "cardio" },
+ { DBG_READER_VALUE , "reader" },
+ { 0, NULL }
+ };
+
+
/* The card driver we use by default for PC/SC. */
#if defined(HAVE_W32_SYSTEM) || defined(__CYGWIN__)
#define DEFAULT_PCSC_DRIVER "winscard.dll"
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
- log_info ("enabled debug flags:%s%s%s%s%s%s%s%s%s%s\n",
- (opt.debug & DBG_COMMAND_VALUE)? " command":"",
- (opt.debug & DBG_MPI_VALUE )? " mpi":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_CACHE_VALUE )? " cache":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
- (opt.debug & DBG_IPC_VALUE )? " ipc":"",
- (opt.debug & DBG_CARD_IO_VALUE)? " cardio":"",
- (opt.debug & DBG_READER_VALUE )? " reader":"");
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
case oVerbose: opt.verbose++; break;
case oBatch: opt.batch=1; break;
- case oDebug: opt.debug |= pargs.r.ret_ulong; break;
+ case oDebug:
+ if (parse_debug_flag (pargs.r.ret_str, &opt.debug, debug_flags))
+ {
+ pargs.r_opt = ARGPARSE_INVALID_ARG;
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ }
+ break;
case oDebugAll: opt.debug = ~0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
case oDebugWait: debug_wait = pargs.r.ret_int; break;
gpg_error_t err;
assuan_context_t ctx;
- if (opt.disable_dirmngr)
+ if (opt.disable_dirmngr || ctrl->offline)
return gpg_error (GPG_ERR_NO_DIRMNGR);
if (*ctx_r)
{
gpg_error_t err;
- if (opt.no_crl_check && !ctrl->use_ocsp)
+ if (ctrl->offline || (opt.no_crl_check && !ctrl->use_ocsp))
{
audit_log_ok (ctrl->audit, AUDIT_CRL_CHECK,
gpg_error (GPG_ERR_NOT_ENABLED));
if (opt.no_policy_check)
log_info ("policies not checked due to %s option\n",
"--disable-policy-checks");
- if (opt.no_crl_check && !ctrl->use_ocsp)
+ if (ctrl->offline || (opt.no_crl_check && !ctrl->use_ocsp))
log_info ("CRLs not checked due to %s option\n",
- "--disable-crl-checks");
+ ctrl->offline ? "offline" : "--disable-crl-checks");
}
if (!rc)
N_("|SPEC|use this keyserver to lookup keys")),
ARGPARSE_s_s (oOptions, "options", N_("|FILE|read options from FILE")),
- ARGPARSE_p_u (oDebug, "debug", "@"),
+ ARGPARSE_s_s (oDebug, "debug", "@"),
ARGPARSE_s_s (oDebugLevel, "debug-level",
N_("|LEVEL|set the debugging level to LEVEL")),
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
};
+/* The list of supported debug flags. */
+static struct debug_flags_s debug_flags [] =
+ {
+ { DBG_X509_VALUE , "x509" },
+ { DBG_MPI_VALUE , "mpi" },
+ { DBG_CRYPTO_VALUE , "crypto" },
+ { DBG_MEMORY_VALUE , "memory" },
+ { DBG_CACHE_VALUE , "cache" },
+ { DBG_MEMSTAT_VALUE, "memstat" },
+ { DBG_HASHING_VALUE, "hashing" },
+ { DBG_IPC_VALUE , "ipc" },
+ { 0, NULL }
+ };
/* Global variable to keep an error count. */
gcry_control (GCRYCTL_SET_VERBOSITY, (int)opt.verbose);
if (opt.debug)
- log_info ("enabled debug flags:%s%s%s%s%s%s%s%s\n",
- (opt.debug & DBG_X509_VALUE )? " x509":"",
- (opt.debug & DBG_MPI_VALUE )? " mpi":"",
- (opt.debug & DBG_CRYPTO_VALUE )? " crypto":"",
- (opt.debug & DBG_MEMORY_VALUE )? " memory":"",
- (opt.debug & DBG_CACHE_VALUE )? " cache":"",
- (opt.debug & DBG_MEMSTAT_VALUE)? " memstat":"",
- (opt.debug & DBG_HASHING_VALUE)? " hashing":"",
- (opt.debug & DBG_IPC_VALUE )? " ipc":"" );
+ parse_debug_flag (NULL, &opt.debug, debug_flags);
}
case oKeyring: append_to_strlist (&nrings, pargs.r.ret_str); break;
- case oDebug: debug_value |= pargs.r.ret_ulong; break;
+ case oDebug:
+ if (parse_debug_flag (pargs.r.ret_str, &debug_value, debug_flags))
+ {
+ pargs.r_opt = ARGPARSE_INVALID_ARG;
+ pargs.err = ARGPARSE_PRINT_ERROR;
+ }
+ break;
case oDebugAll: debug_value = ~0; break;
case oDebugNone: debug_value = 0; break;
case oDebugLevel: debug_level = pargs.r.ret_str; break;
ctrl->include_certs = default_include_certs;
ctrl->use_ocsp = opt.enable_ocsp;
ctrl->validation_model = default_validation_model;
+ ctrl->offline = opt.disable_dirmngr;
}
int validation_model; /* 0 := standard model (shell),
1 := chain model,
2 := STEED model. */
+ int offline; /* If true gpgsm won't do any network access. */
};
return gpg_error (GPG_ERR_ENOMEM);;
}
- if (ephemeral)
- keydb_set_ephemeral (kh, 1);
+ /* Set the ephemeral flag so that the search looks at all
+ records. */
+ keydb_set_ephemeral (kh, 1);
rc = lock_all (kh);
if (rc)
{
if (existed)
*existed = 1;
+ if (!ephemeral)
+ {
+ /* Remove ephemeral flags from existing certificate to "store"
+ it permanently. */
+ rc = keydb_set_cert_flags (cert, 1, KEYBOX_FLAG_BLOB, 0,
+ KEYBOX_FLAG_BLOB_EPHEMERAL, 0);
+ if (rc)
+ {
+ log_error ("clearing ephemeral flag failed: %s\n",
+ gpg_strerror (rc));
+ return rc;
+ }
+ }
return 0; /* okay */
}
log_error (_("problem looking for existing certificate: %s\n"),
return rc;
}
+ /* Reset the ephemeral flag if not requested. */
+ if (!ephemeral)
+ keydb_set_ephemeral (kh, 0);
+
rc = keydb_locate_writable (kh, 0);
if (rc)
{
{
ctrl->server_local->no_encrypt_to = 1;
}
+ else if (!strcmp (key, "offline"))
+ {
+ /* We ignore this option if gpgsm has been started with
+ --disable-dirmngr (which also sets offline). */
+ if (!opt.disable_dirmngr)
+ {
+ int i = *value? !!atoi (value) : 1;
+ ctrl->offline = i;
+ }
+ }
else
err = gpg_error (GPG_ERR_UNKNOWN_OPTION);
" pid - Return the process id of the server.\n"
" agent-check - Return success if the agent is running.\n"
" cmd_has_option CMD OPT\n"
- " - Returns OK if the command CMD implements the option OPT.";
+ " - Returns OK if the command CMD implements the option OPT.\n"
+ " offline - Returns OK if the conenction is in offline mode.";
static gpg_error_t
cmd_getinfo (assuan_context_t ctx, char *line)
{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
int rc = 0;
if (!strcmp (line, "version"))
}
else if (!strcmp (line, "agent-check"))
{
- ctrl_t ctrl = assuan_get_pointer (ctx);
rc = gpgsm_agent_send_nop (ctrl);
}
else if (!strncmp (line, "cmd_has_option", 14)
}
}
}
+ else if (!strcmp (line, "offline"))
+ {
+ rc = ctrl->offline? 0 : gpg_error (GPG_ERR_GENERAL);
+ }
else
rc = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT");