diff options
| -rw-r--r-- | THANKS | 1 | ||||
| -rw-r--r-- | TODO | 2 | ||||
| -rw-r--r-- | g10/ChangeLog | 10 | ||||
| -rw-r--r-- | g10/cipher.c | 2 | ||||
| -rw-r--r-- | g10/encr-data.c | 3 | ||||
| -rw-r--r-- | g10/status.c | 64 | ||||
| -rw-r--r-- | po/ChangeLog | 4 | ||||
| -rw-r--r-- | po/de.glo | 8 | ||||
| -rw-r--r-- | po/de.po | 31 |
9 files changed, 92 insertions, 33 deletions
@@ -28,6 +28,7 @@ Detlef Lannert [email protected] Dave Dykstra [email protected] David Ellement [email protected] David Hallinan [email protected] +Dimitri [email protected] Dirk Lattermann [email protected] Ed Boraas [email protected] Edmund GRIMLEY EVANS [email protected] @@ -1,4 +1,6 @@ + * check that --allow0non-selfsigned does really work + * g10/trustdb.c (make_sig_records): fix the fixme. * at least an option to prefer DSA keys over RSA when selecting the key to diff --git a/g10/ChangeLog b/g10/ChangeLog index f684a2075..0a538b4f6 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,3 +1,13 @@ +Wed Jun 14 12:27:09 CEST 2000 Werner Koch <[email protected]> + + * status.c (init_shm_coprocessing): Changed the sequence of the get,attach + to cope with the changes in newer Linux kernels. This bug has been found + by <[email protected]> who also proposed this solution. Hopefully + this does not break gpg on to many systems. + + * cipher.c (write_header): Protect the IV with the MDC too. + * encr-data.c (decrypt_data): Likewise. + Fri Jun 9 10:09:52 CEST 2000 Werner Koch <[email protected]> * g10.c: New options --no-auto-key-retrieve diff --git a/g10/cipher.c b/g10/cipher.c index 344e2b7b6..e2972297d 100644 --- a/g10/cipher.c +++ b/g10/cipher.c @@ -82,6 +82,8 @@ write_header( cipher_filter_context_t *cfx, IOBUF a ) cipher_setkey( cfx->cipher_hd, cfx->dek->key, cfx->dek->keylen ); cipher_setiv( cfx->cipher_hd, NULL, 0 ); /* log_hexdump( "prefix", temp, nprefix+2 ); */ + if( cfx->mdc_hash ) /* hash the "IV" */ + md_write( cfx->mdc_hash, temp, nprefix+2 ); cipher_encrypt( cfx->cipher_hd, temp, temp, nprefix+2); cipher_sync( cfx->cipher_hd ); iobuf_write(a, temp, nprefix+2); diff --git a/g10/encr-data.c b/g10/encr-data.c index 3d43c5752..1ee2bbed8 100644 --- a/g10/encr-data.c +++ b/g10/encr-data.c @@ -119,6 +119,9 @@ decrypt_data( void *procctx, PKT_encrypted *ed, DEK *dek ) goto leave; } + if( dfx.mdc_hash ) + md_write( dfx.mdc_hash, temp, nprefix+2 ); + if( ed->mdc_method ) iobuf_push_filter( ed->buf, mdc_decode_filter, &dfx ); else diff --git a/g10/status.c b/g10/status.c index 38f2c145f..b42265961 100644 --- a/g10/status.c +++ b/g10/status.c @@ -196,6 +196,10 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ) if ( shm_id == -1 ) log_fatal("can't get %uk of shared memory: %s\n", (unsigned)shm_size/1024, strerror(errno)); + + #if !defined(IPC_HAVE_SHM_LOCK) \ + && defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) + /* part of the old code which uses mlock */ shm_area = shmat( shm_id, 0, 0 ); if ( shm_area == (char*)-1 ) log_fatal("can't attach %uk shared memory: %s\n", @@ -206,29 +210,17 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ) #ifdef USE_CAPABILITIES cap_set_proc( cap_from_text("cap_ipc_lock+ep") ); #endif - #ifdef IPC_HAVE_SHM_LOCK - if ( shmctl (shm_id, SHM_LOCK, 0) ) - log_info("locking shared memory %d failed: %s\n", - shm_id, strerror(errno)); - else - shm_is_locked = 1; - #elif defined(HAVE_MLOCK) && !defined(HAVE_BROKEN_MLOCK) /* (need the cast for Solaris with Sun's workshop compilers) */ if ( mlock ( (char*)shm_area, shm_size) ) log_info("locking shared memory %d failed: %s\n", shm_id, strerror(errno)); else shm_is_locked = 1; - #else - log_info("Locking shared memory %d failed: No way to do it\n", shm_id ); - #endif #ifdef USE_CAPABILITIES cap_set_proc( cap_from_text("cap_ipc_lock+p") ); #endif } - - #ifdef IPC_RMID_DEFERRED_RELEASE if( shmctl( shm_id, IPC_RMID, 0) ) log_fatal("shmctl IPC_RMDID of %d failed: %s\n", @@ -245,13 +237,59 @@ init_shm_coprocessing ( ulong requested_shm_size, int lock_mem ) shm_id, strerror(errno)); } + #else /* this is the new code which handles the changes in the SHM semantics + * introduced with Linux 2.4. The changes is that we now change the + * permissions and then attach to the memory. + */ + + if( lock_mem ) { + #ifdef USE_CAPABILITIES + cap_set_proc( cap_from_text("cap_ipc_lock+ep") ); + #endif + #ifdef IPC_HAVE_SHM_LOCK + if ( shmctl (shm_id, SHM_LOCK, 0) ) + log_info("locking shared memory %d failed: %s\n", + shm_id, strerror(errno)); + else + shm_is_locked = 1; + #else + log_info("Locking shared memory %d failed: No way to do it\n", shm_id ); + #endif + #ifdef USE_CAPABILITIES + cap_set_proc( cap_from_text("cap_ipc_lock+p") ); + #endif + } + + if( shmctl( shm_id, IPC_STAT, &shmds ) ) + log_fatal("shmctl IPC_STAT of %d failed: %s\n", + shm_id, strerror(errno)); + if( shmds.shm_perm.uid != getuid() ) { + shmds.shm_perm.uid = getuid(); + if( shmctl( shm_id, IPC_SET, &shmds ) ) + log_fatal("shmctl IPC_SET of %d failed: %s\n", + shm_id, strerror(errno)); + } + + shm_area = shmat( shm_id, 0, 0 ); + if ( shm_area == (char*)-1 ) + log_fatal("can't attach %uk shared memory: %s\n", + (unsigned)shm_size/1024, strerror(errno)); + log_debug("mapped %uk shared memory at %p, id=%d\n", + (unsigned)shm_size/1024, shm_area, shm_id ); + + #ifdef IPC_RMID_DEFERRED_RELEASE + if( shmctl( shm_id, IPC_RMID, 0) ) + log_fatal("shmctl IPC_RMDID of %d failed: %s\n", + shm_id, strerror(errno)); + #endif + + #endif /* write info; Protocol version, id, size, locked size */ sprintf( buf, "pv=1 pid=%d shmid=%d sz=%u lz=%u", (int)getpid(), shm_id, (unsigned)shm_size, shm_is_locked? (unsigned)shm_size:0 ); write_status_text( STATUS_SHM_INFO, buf ); } - /**************** * Request a string from client * If bool, returns static string on true (do not free) or NULL for false diff --git a/po/ChangeLog b/po/ChangeLog index 4fd1983fb..2b596d90f 100644 --- a/po/ChangeLog +++ b/po/ChangeLog @@ -1,3 +1,7 @@ +Wed Jun 14 12:27:09 CEST 2000 Werner Koch <[email protected]> + + * de.po, de.glo: Updated. + 2000-06-07 18:26:58 Werner Koch ([email protected]) * fr.po: New version from Ga�l @@ -20,7 +20,6 @@ # 7. Die erste genannte �bersetzung ist die in de.po verwendete - aka alias algorithm Verfahren anonymous ungenannter @@ -37,17 +36,20 @@ cache Lager *Zwischenspeicher can't read nicht lesbar casual >zuf�llig, >gelegentlich >unregelm��ig certificate Zertifikat +, (Urkunde) character set Zeichensatz check (verb) pr|fen, gepr|ft checksum Pr�fsumme cipher algorithm Verschl�sselungsverfahren clearsig header Klartextsignatur-Einleitung command Befehl +comment Bemerkung compress algorithm Komprimierverfahren,*Komprimierungsverfahren ? compromised nicht mehr sicher core dump core-dump-Datei , (Speicherauszug?) core function <wesentliche Funktion +correct beseitigen (please correct the error first) corrupted besch�digter cover >behandeln, <erl�utern creation <Erzeugung @@ -96,6 +98,7 @@ making signatures >Unterschreiben <Unterzeichnen, <Leisten von malformed ung�nstig aufgebaute, *fehlerhaft aufgebaute master key >Universalschl�ssel , Generalschl�ssel +match Treffer MDC Manipulation detection code (Siegel ?) merge (to) >zusammenf�hren, >vermischen ?? message Botschaft @@ -126,6 +129,7 @@ quit *(Programm) verlassen, beenden radix64 radix64 random Zufall random bytes Zufallswerte +reason Grund (f�r revocation) regular file normale Datei retry ???? (Wiederholung?, Wiederaufnahme?) reveal auch: <jemandem zeigen, >anderen zeigen @@ -164,6 +168,8 @@ user ID User-ID user IDs User-IDs user interface >Benutzer-Schnittstelle username Username, *<Benutzername, +used benutzt (no loger used) +valid g�ltig validate -- authentifizieren (>besser authentisieren ?? So im W�rterbuch der neuen Rechtschreibung) validation -- >Authentisierung @@ -1,11 +1,11 @@ # GnuPG german translation -# Copyright (C) 1998 Free Software Foundation, Inc. -# Walter Koch <[email protected]>, 1998 +# Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc. +# Walter Koch <[email protected]>, 1998, 1999, 2000 msgid "" msgstr "" "Project-Id-Version: gnupg 1.0.0h\n" -"POT-Creation-Date: 2000-06-08 23:11+0200\n" -"PO-Revision-Date: 2000-04-22 21:50+0200\n" +"POT-Creation-Date: 2000-06-12 01:30+0000\n" +"PO-Revision-Date: 2000-06-12 12:50+0200\n" "Last-Translator: Walter Koch <[email protected]>\n" "Language-Team: German <[email protected]>\n" "MIME-Version: 1.0\n" @@ -969,7 +969,7 @@ msgstr "" #. * data is properly aligned with the user ID #: g10/pkclist.c:53 msgid " Fingerprint:" -msgstr " Fingerabdruck:" +msgstr " Fingerabdruck:" #: g10/pkclist.c:80 msgid "Fingerprint:" @@ -980,7 +980,6 @@ msgid "No reason specified" msgstr "Kein Grund angegeben" #: g10/pkclist.c:118 -#, fuzzy msgid "Key is superseeded" msgstr "Schl�ssel ist �berholt" @@ -993,7 +992,6 @@ msgid "Key is no longer used" msgstr "Schl�ssel wird nicht mehr benutzt" #: g10/pkclist.c:124 -#, fuzzy msgid "User ID is no longer valid" msgstr "User-ID ist nicht mehr g�ltig" @@ -1563,7 +1561,7 @@ msgstr "" #: g10/keygen.c:1325 msgid "DSA keypair will have 1024 bits.\n" -msgstr "Der DSA Schl�ssel wird 1024 Bits haben.\n" +msgstr "Der DSA Schl�ssel wird 1024 Bit haben.\n" #: g10/keygen.c:1368 msgid "Key generation canceled.\n" @@ -1694,9 +1692,8 @@ msgstr "" "der Zweitschl�ssel %08lX wird anstelle des Hauptschl�ssels %08lX verwendet\n" #: g10/getkey.c:2017 -#, fuzzy msgid "[User id not found]" -msgstr "%s: Benutzer nicht gefunden\n" +msgstr "[User-ID nicht gefunden]" #: g10/import.c:181 #, c-format @@ -2501,7 +2498,7 @@ msgstr "Sie haben folgende User-IDs beglaubigt:\n" #: g10/keyedit.c:1785 g10/keyedit.c:1820 #, c-format msgid " signed by %08lX at %s\n" -msgstr " beglaubiigt durch %08lX um %s\n" +msgstr " beglaubigt durch %08lX um %s\n" #: g10/keyedit.c:1790 #, c-format @@ -2581,8 +2578,7 @@ msgstr "Urspr�nglicher Dateiname='%.*s'\n" #: g10/mainproc.c:525 msgid "standalone revocation - use \"gpg --import\" to apply\n" -msgstr "" -"Einzelner Widerruf - verwenden Sie \"gpg --import\" um ihn anzuwenden\n" +msgstr "Einzelner Widerruf - verwenden Sie \"gpg --import\" um ihn anzuwenden\n" #: g10/mainproc.c:612 g10/mainproc.c:621 msgid "WARNING: invalid notation data found\n" @@ -2759,7 +2755,7 @@ msgstr "Hinweis: geheimer Schl�ssel %08lX verf�llt am %s\n" #: g10/hkp.c:62 #, c-format msgid "requesting key %08lX from %s ...\n" -msgstr "Schl�ssels %08lX von %s wird angefordert ...\n" +msgstr "Schl�ssel %08lX von %s wird angefordert ...\n" #: g10/hkp.c:75 #, c-format @@ -3700,7 +3696,6 @@ msgstr "" "verwendet." #: g10/helptext.c:229 -#, fuzzy msgid "" "You should specify a reason for the certification. Depending on the\n" "context you have the ability to choose from this list:\n" @@ -3719,16 +3714,14 @@ msgstr "" "Zusammenhang k�nnen Sie aus dieser Liste ausw�hlen:\n" " \"Schl�ssel wurde kompromitiert\"\n" " Falls Sie Grund zu der Annahme haben, da� nicht berechtigte Personen\n" -" Zugriff zu Ihrem geheimen Schl�ssel hatten, so w�hlen sie diesen " -"Punkt\n" +" Zugriff zu Ihrem geheimen Schl�ssel hatten\n" " \"Schl�ssel ist �berholt\"\n" " Falls Sie diesen Schl�ssel durch einem neuen ersetzt haben.\n" " \"Schl�ssel wird nicht mehr benutzt\"\n" " Falls Sie diesen Schl�ssel zur�ckgezogen haben.\n" " \"User-ID ist nicht mehr g�ltig\"\n" " Um bekanntzugeben, da� die User-ID nicht mehr benutzt werden soll.\n" -" �blicherweise zeigt man so an, da� eine E-Mailadresse nicht mehr " -"gilt.\n" +" So weist man normalerweise auf eine ung�ltige E-Mailadresse hin.\n" #: g10/helptext.c:245 msgid "" |