\n"
+ "
ftp.gnupg.org:%s \n"
+ "
\n",
+ esc_title);
+
+ readme = fopen ("README", "r");
+ if (opt_readme && (readme = fopen ("README", "r")))
+ {
+ fputs ("
\n", stdout);
+ while (fgets (line, sizeof line, readme))
+ {
+ int no_lf = 0;
+ /* Eat up the rest of an incomplete line. */
+ if (!*line)
+ no_lf = 1;
+ else if (line[strlen (line)-1] != '\n')
+ {
+ no_lf = 1;
+ while ((c = getc (readme)) != EOF && c != '\n')
+ ;
+ }
+
+ /* Replace empty lines with a leading doc by an empty
+ * line. These lines are used on FTP servers to avoid
+ * problems with broken FTP cleints. */
+ if (*line == '.')
+ {
+ for (p=line+1; (*p == ' ' || *p == '\t' || *p == '\n'); p++)
+ ;
+ if (!*p)
+ {
+ putchar ('\n');
+ *line = 0;
+ }
+ }
+
+ if (*line)
+ fputs (html_escape_detect_link (line), stdout);
+ if (no_lf)
+ putchar ('\n');
+ }
+ fputs (" \n", stdout);
+ fclose (readme);
+ }
+ fputs ("
\n", stdout);
+
+ }
+ else
+ {
+ printf ("\n"
+ "\n"
+ "
Index of %s \n"
+ "\n"
+ "\n"
+ "
Index of %s \n"
+ "
\n",
+ esc_title, esc_title);
+ }
+}
+
+
+static void
+print_footer (void)
+{
+ if (!opt_html)
+ return;
+
+ if (opt_gpgweb)
+ {
+ fputs ("\n"
+ "\n"
+ "\n"
+ "\n"
+ "\n"
+ "\n", stdout);
+ }
+ else
+ {
+ printf ("
\n"
+ "\n"
+ "\n");
+ }
+}
+
+
+/* Print COUNT directories from the array SORTED.
+ * Note: This function assumes that the CWD is the listed directory. */
+static void
+print_dirs (finfo_t *sorted, int count, int at_root)
+{
+ int idx;
+ finfo_t fi;
+ int any = 0;
+ char *title = NULL;
+
+ for (idx=0; idx < count; idx++)
+ {
+ fi = sorted[idx];
+ if (!fi->is_dir)
+ continue;
+
+ if (!any && opt_html)
+ {
+ any = 1;
+
+ if (opt_gpgweb)
+ {
+ fputs ("
Directories \n"
+ "
\n"
+ "
\n", stdout);
+
+ if (!at_root)
+ fputs (" "
+ ""
+ "Parent Directory \n", stdout);
+ }
+ else
+ {
+ fputs ("  "
+ "Directories \n",
+ stdout);
+ if (!at_root)
+ fputs (""
+ "Parent Directory \n", stdout);
+ }
+ }
+
+ free (title);
+ title = NULL;
+ if (opt_gpgweb)
+ {
+ char *fname;
+ FILE *fp;
+
+ fname = xstrconcat (fi->name, "/", ".title", NULL);
+ fp = fopen (fname, "r");
+ free (fname);
+ if (fp)
+ {
+ char line[200];
+
+ if (fgets (line, sizeof line, fp) && *line)
+ {
+ if (line[strlen(line)-1] == '\n')
+ line[strlen(line)-1] = 0;
+ title = xstrdup (html_escape (line));
+ }
+ fclose (fp);
+ }
+ }
+
+ if (opt_html)
+ {
+ if (opt_gpgweb)
+ printf (" "
+ "%s ",
+ html_escape_href (fi->name), html_escape (fi->name));
+ else
+ printf ("%s ",
+ html_escape_href (fi->name), html_escape (fi->name));
+ if (title)
+ printf ("%s ", title);
+ fputs (" \n", stdout);
+ }
+ else
+ printf ("D %s\n", fi->name);
+ }
+
+ if (any && opt_gpgweb)
+ {
+ fputs ("
\n"
+ "
\n\n", stdout);
+ }
+ else if (opt_gpgweb && !at_root)
+ {
+ /* !any - need to print an UP link */
+ fputs ("
\n", stdout);
+
+
+ }
+
+ free (title);
+}
+
+
+/* Print COUNT files from the array SORTED. */
+static void
+print_files (finfo_t *sorted, int count)
+{
+ int idx;
+ finfo_t fi;
+ int any = 0;
+
+ for (idx=0; idx < count; idx++)
+ {
+ fi = sorted[idx];
+ if (!fi->is_reg)
+ continue;
+
+ if (!any && opt_html)
+ {
+ any = 1;
+ if (opt_gpgweb)
+ {
+ fputs ("
Files \n"
+ "
\n"
+ "
\n", stdout);
+ }
+ else
+ fputs ("Files \n",
+ stdout);
+
+ }
+
+ if (opt_gpgweb)
+ printf (" "
+ "%s "
+ "%s %s \n",
+ strstr (fi->name, ".sig")? "document":
+ strstr (fi->name, ".tar")? "tar" : "document",
+ html_escape_href (fi->name), html_escape (fi->name),
+ format_time (fi->mtime), format_size (fi->size));
+ else if (opt_html)
+ printf ("%s "
+ "%s %s \n",
+ html_escape_href (fi->name), html_escape (fi->name),
+ format_time (fi->mtime), format_size (fi->size));
+ else
+ printf ("F %s\n", fi->name);
+ }
+
+ if (any && opt_gpgweb)
+ {
+ fputs ("
\n"
+ "
\n\n", stdout);
+ }
+}
+
+
+/* Scan DIRECTORY and print an index.
+ * FIXME: This does a chdir and does not preserve the old PWD.
+ * The fix is to build the full filename beofre stat'ing.
+ */
+static void
+scan_directory (const char *directory, const char *title)
+{
+ DIR *dir;
+ struct dirent *dentry;
+ finfo_t fi;
+ finfo_t finfo = NULL;
+ finfo_t *sorted;
+ int count = 0;
+ int idx;
+ size_t len;
+ strlist_t sl;
+ int at_root = 0;
+
+ if (opt_gpgweb)
+ {
+ if (!strcmp (title, "/"))
+ at_root = 1;
+ }
+ else if (!strcmp (directory, "/"))
+ at_root = 1;
+
+ dir = opendir (directory);
+ if (!dir)
+ {
+ err ("can't open directory '%s': %s\n", directory, strerror (errno));
+ return;
+ }
+
+ while (errno=0,(dentry = readdir (dir)))
+ {
+ if (*dentry->d_name == '.')
+ continue; /* Skip self, parent, and hidden directories. */
+ len = strlen (dentry->d_name);
+ if (!len)
+ continue; /* Empty filenames should actually not exist. */
+ if (dentry->d_name[len-1] == '~')
+ continue; /* Skip backup files. */
+ for (sl = opt_exclude; sl; sl = sl->next)
+ if (!strcmp (sl->d, dentry->d_name))
+ break;
+ if (sl)
+ continue; /* Skip excluded names. */
+ fi = xcalloc (1, sizeof *fi + strlen (dentry->d_name));
+ strcpy (fi->name, dentry->d_name);
+ fi->next = finfo;
+ finfo = fi;
+ count++;
+ }
+ if (errno)
+ die ("error reading directory '%s': %s\n", directory, strerror (errno));
+ closedir (dir);
+
+ sorted = xcalloc (count, sizeof *sorted);
+ for (fi=finfo, idx=0; fi; fi = fi->next)
+ sorted[idx++] = fi;
+
+ inf ("directory '%s' has %d files\n", directory, count);
+ qsort (sorted, count, sizeof *sorted, sort_finfo);
+
+ if (chdir (directory))
+ die ("cannot chdir to '%s': %s\n", directory, strerror (errno));
+
+ for (idx=0; idx < count; idx++)
+ {
+ struct stat sb;
+
+ fi = sorted[idx];
+ if (stat (fi->name, &sb))
+ {
+ err ("cannot stat '%s': %s\n", fi->name, strerror (errno));
+ continue;
+ }
+
+ fi->is_dir = !!S_ISDIR(sb.st_mode);
+ fi->is_reg = !!S_ISREG(sb.st_mode);
+ fi->size = fi->is_reg? sb.st_size : 0;
+ fi->mtime = sb.st_mtime;
+ }
+
+ print_header (title);
+ if (opt_files_first)
+ {
+ print_files (sorted, count);
+ print_dirs (sorted, count, at_root);
+ }
+ else
+ {
+ print_dirs (sorted, count, at_root);
+ print_files (sorted, count);
+ }
+ print_footer ();
+
+ /* We create the index file in the current directory. */
+ if (opt_index)
+ {
+ FILE *indexfp = fopen (opt_index, "w");
+ if (!indexfp)
+ die ("error creating '%s' for '%s': %s\n",
+ opt_index, directory, strerror (errno));
+
+ for (idx=0; idx < count; idx++)
+ {
+ fi = sorted[idx];
+ fprintf (indexfp, "%s:%c:%llu:%lu:\n",
+ percent_escape (fi->name),
+ fi->is_dir? 'd':
+ fi->is_reg? 'r': '?',
+ fi->size,
+ (unsigned long)fi->mtime);
+ }
+ if (ferror (indexfp))
+ die ("error writing '%s' for '%s': %s\n",
+ opt_index, directory, strerror (errno));
+ /* Fixme: Check for close errors. */
+ fclose (indexfp);
+ }
+
+ free (sorted);
+ while ((fi = finfo))
+ {
+ fi = finfo->next;
+ free (finfo);
+ finfo = fi;
+ }
+}
+
+
+int
+main (int argc, char **argv)
+{
+ int last_argc = -1;
+ strlist_t sl;
+
+ if (argc < 1)
+ die ("Hey, read up on how to use exec(2)\n");
+ argv++; argc--;
+
+ while (argc && last_argc != argc )
+ {
+ last_argc = argc;
+ if (!strcmp (*argv, "--"))
+ {
+ argc--; argv++;
+ break;
+ }
+ else if (!strcmp (*argv, "--version"))
+ {
+ fputs (PGMNAME " " VERSION "\n"
+ "Copyright (C) 2017 g10 Code GmbH\n"
+ "License GPLv3+: GNU GPL version 3 or later"
+ "
\n"
+ "This is free software: you are free to change"
+ " and redistribute it.\n"
+ "There is NO WARRANTY, to the extent permitted by law.\n",
+ stdout);
+ exit (0);
+ }
+ else if (!strcmp (*argv, "--help"))
+ {
+ fputs ("usage: " PGMNAME " [options] directory [title]\n"
+ "Print an index for an FTP directory.\n\n"
+ "Options:\n"
+ " --version print program version\n"
+ " --verbose verbose diagnostics\n"
+ " --debug flyswatter\n"
+ " --reverse reverse sort order\n"
+ " --reverse-ver reverse only the version number order\n"
+ " --files-first print files before directories\n"
+ " --html output HTML\n"
+ " --gpgweb output HTML as used at gnupg.org\n"
+ " --readme include README file\n"
+ " --index FILE create index FILE\n"
+ " --exclude NAME ignore file NAME\n"
+ , stdout);
+ exit (0);
+ }
+ else if (!strcmp (*argv, "--verbose"))
+ {
+ opt_verbose++;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--debug"))
+ {
+ opt_debug++;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--reverse"))
+ {
+ opt_reverse = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--reverse-ver"))
+ {
+ opt_reverse_ver = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--files-first"))
+ {
+ opt_files_first = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--readme"))
+ {
+ opt_readme = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--html"))
+ {
+ opt_html = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--index"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv)
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_index = *argv;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--gpgweb"))
+ {
+ opt_gpgweb = opt_html = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--exclude"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv)
+ die ("argument missing for option '%s'\n", argv[-1]);
+ sl = xmalloc (sizeof *sl + strlen (*argv));
+ strcpy (sl->d, *argv);
+ sl->next = opt_exclude;
+ opt_exclude = sl;
+ argc--; argv++;
+ }
+ else if (!strncmp (*argv, "--", 2))
+ die ("unknown option '%s' (use --help)\n", *argv);
+ }
+
+ if (argc < 1 || argc > 2)
+ die ("usage: " PGMNAME " [options] directory [title]\n");
+
+
+ scan_directory (argv[0], argv[1]? argv[1]:argv[0]);
+
+
+ return 0;
+}
+
+/*
+Local Variables:
+compile-command: "cc -Wall -g -o ftp-indexer ftp-indexer.c"
+End:
+*/
diff --git a/tools/mkkudos.sh b/tools/mkkudos.sh
index 63ab4b9..f88b48b 100755
--- a/tools/mkkudos.sh
+++ b/tools/mkkudos.sh
@@ -1,358 +1,370 @@
#!/bin/sh
# Update the list of donors and a few other things.
#
# ====================================================================
# This org-mode snippet is used to insert the progress bar into a HTML
# file:
#
# #+BEGIN_HTML
#
#
# #+END_HTML
#
# For the 2017 campaign new variables which work slightly different
# are introduced:
#
# #+BEGIN_HTML
#
#
# a month
#
#
#
# a month of
#
# needed
#
#
+
# in one-time donations
#
#
# Supporters
#
# #+END_HTML
#
# To use it the code at "Campaign data" below needs to be adjusted as
# well.
# ===================================================================
set -e
LD_LIBRARY_PATH=/usr/local/lib
export LD_LIBRARY_PATH
usage()
{
cat <
&2
;;
esac
shift
done
if [ $testmode = yes ]; then
htdocs="/var/www/www/preview.gnupg.org/htdocs"
else
htdocs="/var/www/www/www.gnupg.org/htdocs"
fi
donors="$htdocs/donate/donors.dat"
donations="$htdocs/donate/donations.dat"
blogheadlinefile="/var/www/www/blog.gnupg.org/htdocs/headlines.txt"
if [ ! -f "$donors" ]; then
echo "mkkudos.sh: '$donors' not found" >&2;
exit 1
fi
if [ ! -f "$donations" ]; then
echo "mkkudos.sh: '$donations' not found" >&2;
exit 1
fi
if [ ! -f "$blogheadlinefile" ]; then
echo "mkkudos.sh: '$blogheadlinefile' not found" >&2;
blogheadline=""
else
blogheadline=$(awk -F\| '
NR<=3 {printf "%s ", $1, $2}
' "$blogheadlinefile")
fi
tmp=$(head -1 "$donations")
monyear=$(echo "$tmp" | awk -F: 'BEGIN { m[1] = "January";
m[2] = "February"; m[3] = "March"; m[4] = "April"; m[5] = "May";
m[6] = "June"; m[7] = "July"; m[8] = "August"; m[9] = "September";
m[10] = "October"; m[11] = "November"; m[12] = "December"; }
{printf "%s %d", m[int($2)] , $1}')
thisyear=$(echo "$tmp" | awk -F: '{print $1}')
nyr=$(echo "$tmp" | awk -F: '{printf "%d", $9}')
euroyr=$(echo "$tmp" | awk -F: '{printf "%d", int($10 + 0.5)}')
recur_nyr=$(echo "$tmp" | awk -F: '{printf "%d", $13}')
recur_euroyr=$(echo "$tmp" | awk -F: '{printf "%d", int($14 + 0.5)/12}')
dontable=$(awk -F: <"$donations" -v thisyear="$thisyear" '
BEGIN { m[1] = "January";
m[2] = "February"; m[3] = "March"; m[4] = "April"; m[5] = "May";
m[6] = "June"; m[7] = "July"; m[8] = "August"; m[9] = "September";
m[10] = "October"; m[11] = "November"; m[12] = "December" ;
printf "\n";
printf "\n";
printf " \n";
printf " \n";
printf " \n";
printf " \n";
printf "\n";
printf "\n";
printf "Month \n";
printf "# \n";
printf "€ \n";
printf " \n";
printf " \n";
printf "\n";
}
NR==1 { nyear = $9; totalyear = int($10 + 0.5);
}
$1 != thisyear {
printf " \n";
printf "\n";
printf "%d \n", thisyear;
printf " %d \n", nyear;
printf " %d \n", totalyear;
printf " \n";
printf "
\n";
exit 0
}
{ printf "%s \n", m[int($2)];
printf " %d \n", $7;
printf " %d \n",
int($8 + 0.5);
}
')
# Campaign data
+# Watchout for the 9074 below which are the donations received before the
+# campaign start.
goal="120000"
recur_goal="15000"
percent=$(echo "$euroyr:$goal" | awk -F: '{ p = (int($1)*100)/int($2);
if(p > 100) { p = 100 };
printf "%d", p}')
recur_percent=$(echo "$recur_euroyr:$recur_goal" \
| awk -F: '{ p = (int($1)*100)/int($2);
if(p > 100) { p = 100 };
printf "%d", p}')
for file in "$htdocs/donate/"kudos-????.html "$htdocs/donate/"kudos.html \
"$htdocs/donate/"index.html "$htdocs/donate/"index.??.html \
"$htdocs/"index.html
do
[ -f "$file" ] || continue
if [ $force = no ]; then
[ "$file" -ot "$donors" ] || continue
fi
if [ "$file" = "$htdocs/donate/"kudos.html ]; then
year=$(date +%Y)
else
year=${file#$htdocs/donate/kudos-}
year=${year%.html}
fi
[ $verbose = yes ] && echo "processing $file" >&2
[ -f "$file.tmp" ] && rm "$file.tmp"
# We need gawk to use "%'d" in inprint
gawk -F: -v year=$year -v donors="$donors" -v dontable="$dontable" \
-v monyear="$monyear" -v thisyear="$thisyear" \
-v euro="$euro" -v euroyr="$euroyr" \
-v nyr="$nyr" -v goal="$goal" -v percent="$percent" \
-v recur_nyr="$recur_nyr" -v recur_euroyr="$recur_euroyr" \
-v recur_goal="$recur_goal" -v recur_percent="$recur_percent" \
-v blogheadline="$blogheadline" \
<"$file" >"$file.tmp" '
// {indon=1; print; insert("") }
// {indon=0}
// {indon=1; print; insertsome("") }
// {indon=0}
// {indon=1; print; insert("goteo13") }
// {indon=0}
// {indon=1; print; print dontable }
// {indon=0}
// {
printf " %s\n", monyear;
next
}
// {
printf " %d\n", thisyear;
next
}
// {
printf " %s €\n", euroyr;
next
}
// {
printf " %s\n", nyr;
next
}
// {
printf "%s €\n",
euro;
next
}
// {
printf "goal: %s €\n", goal;
next
}
// {
printf "style=\"width: %d%%\"\n",
percent;
next
}
// {
printf " %s\n", blogheadline;
next
}
/A-CMPGN-RECUR-EURO=""/ {
n = index($0,"\"");
printf "%s%s\" A-CMPGN-RECUR-EURO=\"\"\n",
substr($0,1,n), recur_euroyr;
next
}
/A-CMPGN-RECUR-EURO-GOAL=""/ {
n = index($0,"\"");
printf "%s%s\" A-CMPGN-RECUR-EURO-GOAL=\"\"\n",
substr($0,1,n), recur_goal;
next
}
/A-CMPGN-RECUR-PERCENT=""/ {
n = index($0,":");
printf "%s %s%\" A-CMPGN-RECUR-PERCENT=\"\"\n",
substr($0,1,n), recur_percent;
next
}
// {
n = index($0,"%s €\n",
substr($0,1,n), format_number(recur_euroyr);
next
}
// {
n = index($0,"%s €\n",
substr($0,1,n), format_number(recur_goal);
next
}
// {
n = index($0,"%s €\n",
- substr($0,1,n), format_number(euroyr);
+ substr($0,1,n), format_number( int(euroyr) - 9074 );
next
}
// {
n = index($0,"%s\n",
substr($0,1,n), format_number(recur_nyr);
next
}
+ // {
+ n = index($0,"%s USD\n",
+ substr($0,1,n), format_number( xflm );
+ next
+ }
!indon { print }
function format_number (n) {
buf = sprintf("%'"'"'d", int(n));
gsub(/,/, "\\ ", buf);
return buf;
}
function insert (tag) {
while (getline < donors) {
if ( $0 ~ /^(#.*)?$/ )
continue;
if ( $3 == "" )
continue;
if ($1==year && $4==tag) {
printf "%s \n", $3
}
else if ($1==year && $4=="S") {
printf "%s* \n", $3
}
}
close (donors)
}
function insertsome (tag) {
i = 0
while (getline < donors) {
if ( $0 ~ /^(#.*)?$/ )
continue;
if ( $3 == "" )
continue;
if ($4==tag) {
data[i++] = $3
}
else if ($4=="S") {
data[i++] = $3 "*"
}
}
close (donors)
j = i > 16 ? ( i - 16 ) : 0
while (j < i) {
printf "%s \n", data[j++]
}
}
'
mv "$file.tmp" "$file" || echo "mkkudos.sh: error updating $file" >&2
done
diff --git a/tools/txxmpp.c b/tools/txxmpp.c
new file mode 100644
index 0000000..2d7cdcc
--- /dev/null
+++ b/tools/txxmpp.c
@@ -0,0 +1,861 @@
+/* txxmpp.c - Transmit a message to an XMPP account
+ * Copyright (C) 2017 g10 Code GmbH
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see .
+ * SPDX-License-Identifier: GPL-3.0+
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include /* The low-level xmpp library. */
+
+#define PGMNAME "txxmpp"
+#define VERSION "0.9"
+
+#define DIM(v) (sizeof(v)/sizeof((v)[0]))
+#define DIMof(type,member) DIM(((type *)0)->member)
+#if __GNUC__ > 2 || (__GNUC__ == 2 && __GNUC_MINOR__ >= 5)
+#define ATTR_PRINTF(a,b) __attribute__ ((format (printf,a,b)))
+#define ATTR_NR_PRINTF(a,b) __attribute__ ((noreturn,format (printf,a,b)))
+#else
+#define ATTR_PRINTF(a,b)
+#define ATTR_NR_PRINTF(a,b)
+#endif
+#if __GNUC__ >= 4
+# define ATTR_SENTINEL(a) __attribute__ ((sentinel(a)))
+#else
+# define ATTR_SENTINEL(a)
+#endif
+
+
+static int opt_verbose;
+static int opt_debug;
+static const char *opt_user;
+static const char *opt_pass;
+static const char *opt_resource;
+static const char *opt_subject;
+static int opt_chat;
+static char **opt_recipients; /* NULL terminated array with recipients. */
+static char *the_message;
+
+static void die (const char *format, ...) ATTR_NR_PRINTF(1,2);
+static void err (const char *format, ...) ATTR_PRINTF(1,2);
+static void inf (const char *format, ...) ATTR_PRINTF(1,2);
+static void dbg (const char *format, ...) ATTR_PRINTF(1,2);
+static char *xstrconcat (const char *s1, ...) ATTR_SENTINEL(0);
+
+
+/*
+ * Utility functions
+ */
+
+static void
+die (const char *fmt, ...)
+{
+ va_list arg_ptr;
+
+ va_start (arg_ptr, fmt);
+ fputs (PGMNAME": fatal: ", stderr);
+ vfprintf (stderr, fmt, arg_ptr);
+ va_end (arg_ptr);
+ exit (1);
+}
+
+
+static void
+err (const char *fmt, ...)
+{
+ va_list arg_ptr;
+
+ va_start (arg_ptr, fmt);
+ fputs (PGMNAME": ", stderr);
+ vfprintf (stderr, fmt, arg_ptr);
+ va_end (arg_ptr);
+}
+
+
+static void
+inf (const char *fmt, ...)
+{
+ va_list arg_ptr;
+
+ if (!opt_verbose && !opt_debug)
+ return;
+
+ va_start (arg_ptr, fmt);
+ fputs (PGMNAME": ", stderr);
+ vfprintf (stderr, fmt, arg_ptr);
+ va_end (arg_ptr);
+}
+
+
+static void
+dbg (const char *fmt, ...)
+{
+ va_list arg_ptr;
+
+ if (!opt_debug)
+ return;
+
+ va_start (arg_ptr, fmt);
+ fputs (PGMNAME": DBG: ", stderr);
+ vfprintf (stderr, fmt, arg_ptr);
+ va_end (arg_ptr);
+}
+
+
+static void *
+xmalloc (size_t n)
+{
+ void *p = malloc (n);
+ if (!p)
+ die ("out of core\n");
+ return p;
+}
+
+
+static void *
+xrealloc (void *a, size_t newsize)
+{
+ void *p = realloc (a, newsize);
+ if (!p && newsize)
+ die ("out of core\n");
+ return p;
+}
+
+
+static char *
+xstrdup (const char *string)
+{
+ char *buf = xmalloc (strlen (string) + 1);
+ strcpy (buf, string);
+ return buf;
+}
+
+
+static inline char *
+my_stpcpy (char *a, const char *b)
+{
+ while (*b)
+ *a++ = *b++;
+ *a = 0;
+
+ return (char*)a;
+}
+
+
+/* Helper for xstrconcat. */
+static char *
+do_strconcat (const char *s1, va_list arg_ptr)
+{
+ const char *argv[48];
+ size_t argc;
+ size_t needed;
+ char *buffer, *p;
+
+ argc = 0;
+ argv[argc++] = s1;
+ needed = strlen (s1);
+ while (((argv[argc] = va_arg (arg_ptr, const char *))))
+ {
+ needed += strlen (argv[argc]);
+ if (argc >= DIM (argv)-1)
+ die ("too may args for strconcat\n");
+ argc++;
+ }
+ needed++;
+ buffer = xmalloc (needed);
+ for (p = buffer, argc=0; argv[argc]; argc++)
+ p = my_stpcpy (p, argv[argc]);
+
+ return buffer;
+}
+
+
+/* Concatenate the string S1 with all the following strings up to a
+ NULL. Returns a malloced buffer with the new string or NULL on a
+ malloc error or if too many arguments are given. */
+static char *
+xstrconcat (const char *s1, ...)
+{
+ va_list arg_ptr;
+ char *result;
+
+ if (!s1)
+ result = xstrdup ("");
+ else
+ {
+ va_start (arg_ptr, s1);
+ result = do_strconcat (s1, arg_ptr);
+ va_end (arg_ptr);
+ }
+ return result;
+}
+
+
+/* Remove leading and trailing white space from STR. */
+static char *
+trim_spaces (char *string)
+{
+ unsigned char *s, *p, *mark;
+
+ p = s = (unsigned char *)string;
+ for (; *p && isspace (*p); p++)
+ ;
+ for (mark=NULL; (*s = *p); s++, p++)
+ {
+ if (isspace (*p))
+ {
+ if (!mark)
+ mark = s;
+ }
+ else
+ mark = NULL;
+ }
+ if (mark)
+ *mark = 0;
+
+ return string;
+}
+
+
+/* Read up to MAXLENGTH bytes from FP into a buffer and return that
+ * buffer. Die on error. */
+static char *
+xreadfile (FILE *fp, size_t maxlength)
+{
+#define NCHUNK 8192
+ char *buf = NULL;
+ size_t buflen = 0;
+ size_t nread;
+ size_t bufsize = 0;
+
+ do
+ {
+ bufsize += NCHUNK;
+ buf = xrealloc (buf, bufsize + 1);
+
+ nread = fread (buf+buflen, 1, NCHUNK, fp);
+ if (nread < NCHUNK && ferror (fp))
+ {
+ err ("error reading input: %s\n", strerror (errno));
+ free (buf);
+ exit (1);
+ }
+ buflen += nread;
+ if (maxlength && buflen >= maxlength)
+ {
+ buflen = maxlength;
+ break;
+ }
+ }
+ while (nread == NCHUNK);
+
+ buf[buflen] = 0;
+ if (strlen (buf) != buflen)
+ err ("warning: Nul characters detected in the input\n");
+ return buf;
+#undef NCHUNK
+}
+
+
+
+/*
+ * txxmpp proper
+ */
+
+static xmpp_stanza_t *
+new_name_stanza (xmpp_ctx_t *ctx, const char *name)
+{
+ xmpp_stanza_t *stanza;
+ int rc;
+
+ stanza = xmpp_stanza_new (ctx);
+ if (!stanza)
+ die ("xmpp_stanza_new failed\n");
+ rc = xmpp_stanza_set_name (stanza, name);
+ if (rc)
+ die ("xmpp_stanza_set_name failed: rc=%d\n", rc);
+ return stanza;
+}
+
+static xmpp_stanza_t *
+new_text_stanza (xmpp_ctx_t *ctx, const char *text)
+{
+ xmpp_stanza_t *stanza;
+ int rc;
+
+ stanza = xmpp_stanza_new (ctx);
+ if (!stanza)
+ die ("xmpp_stanza_new failed\n");
+ rc = xmpp_stanza_set_text (stanza, text);
+ if (rc)
+ die ("xmpp_stanza_set_text failed: rc=%d\n", rc);
+ return stanza;
+}
+
+
+const char *
+get_bound_jid (const xmpp_conn_t * const conn)
+{
+ const char *s = xmpp_conn_get_bound_jid (conn);
+ if (!s)
+ die ("xmpp_conn_get_bound_jid failed\n");
+ return s;
+}
+
+
+/* Send a standard message to RECIPIENT which already has any desired
+ * resource attached. */
+static void
+send_message (xmpp_ctx_t *ctx, xmpp_conn_t * const conn,
+ const char *recipient)
+{
+ int rc;
+ xmpp_stanza_t *stanza;
+
+ inf ("sending message to '%s'\n", recipient);
+ stanza = xmpp_message_new (ctx, opt_chat? "chat":"normal", recipient, NULL);
+ if (!stanza)
+ err ("xmpp_message_new failed for '%s'\n", recipient);
+ else
+ {
+ rc = xmpp_message_set_body (stanza, the_message);
+ if (rc)
+ err ("xmpp_message_set_body failed: rc=%d\n", rc);
+ else
+ {
+ xmpp_send (conn, stanza);
+ }
+ xmpp_stanza_release (stanza);
+ }
+}
+
+
+/* Send a MUC message to RECIPIENT using NICK. A resource has already
+ * been stripped from RECIPIENT, NICK may be the empty string to
+ * indicate the use of a default. */
+static void
+send_muc_message (xmpp_ctx_t *ctx, xmpp_conn_t * const conn,
+ const char *recipient, const char *nick)
+{
+ int rc;
+ xmpp_stanza_t *stanza, *stanza2, *stanza3;
+ char *p;
+ const char *recp;
+ char *nickbuf = NULL;
+ char *recpbuf = NULL;
+
+ /* Make sure we have a NICK. FIXME: We should first ask the server
+ * whether it already has a reserved nick. */
+ if (!*nick)
+ {
+ nickbuf = xstrdup (get_bound_jid (conn));
+ p = strchr (nickbuf, '@');
+ if (!p)
+ die ("internal error at %d\n", __LINE__);
+ *p = 0;
+ nick = nickbuf;
+ }
+
+ inf ("sending MUC message to '%s' nick '%s'\n", recipient, nick);
+
+ recp = recpbuf = xstrconcat (recipient, "/", nick, NULL);
+
+ dbg ("sending presence to the room\n");
+ stanza = xmpp_presence_new (ctx);
+ if (!stanza)
+ die ("xmpp_presence_new failed\n");
+ rc = xmpp_stanza_set_from (stanza, get_bound_jid (conn));
+ if (rc)
+ die ("xmpp_stanza_set_from failed: rc=%d\n", rc);
+ rc = xmpp_stanza_set_to (stanza, recp);
+ if (rc)
+ die ("xmpp_stanza_set_from failed: rc=%d\n", rc);
+ rc = xmpp_stanza_set_id (stanza, "pres1");
+ if (rc)
+ die ("xmpp_stanza_set_id failed: rc=%d\n", rc);
+
+ /* Tell server that we support the Basic MUC protocol and that we
+ * don't want any history. */
+ stanza2 = new_name_stanza (ctx, "x");
+ rc = xmpp_stanza_set_ns (stanza2, "http://jabber.org/protocol/muc");
+ if (rc)
+ die ("xmpp_stanza_set_ns failed: rc=%d\n", rc);
+ stanza3 = new_name_stanza (ctx, "history");
+ rc = xmpp_stanza_set_attribute (stanza3, "maxchars", "0");
+ if (rc)
+ die ("xmpp_stanza_set_attribute failed: rc=%d\n", rc);
+ rc = xmpp_stanza_add_child (stanza2, stanza3);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (stanza3);
+ rc = xmpp_stanza_add_child (stanza, stanza2);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (stanza2);
+
+ xmpp_send (conn, stanza);
+ xmpp_stanza_release (stanza);
+
+ stanza = xmpp_message_new (ctx, "groupchat", recipient, "chat1");
+ if (!stanza)
+ err ("xmpp_message_new failed for '%s'\n", recipient);
+ else
+ {
+ rc = xmpp_message_set_body (stanza, the_message);
+ if (rc)
+ err ("xmpp_message_set_body failed: rc=%d\n", rc);
+ else
+ {
+ xmpp_send (conn, stanza);
+ }
+ xmpp_stanza_release (stanza);
+ }
+
+ free (nickbuf);
+ free (recpbuf);
+}
+
+
+/* Handle iq:version stanzas. */
+static int
+version_handler (xmpp_conn_t * const conn, xmpp_stanza_t * const stanza,
+ void * const opaque)
+{
+ xmpp_ctx_t *ctx = opaque;
+ int rc;
+ xmpp_stanza_t *reply, *query, *name, *version, *value;
+ const char *s;
+
+ inf ("received version request from %s\n", xmpp_stanza_get_from (stanza));
+
+ reply = xmpp_stanza_reply (stanza);
+ if (!reply)
+ die ("xmpp_stanza_reply failed\n");
+ xmpp_stanza_set_type (reply, "result");
+
+ query = new_name_stanza (ctx, "query");
+ s = xmpp_stanza_get_ns (xmpp_stanza_get_children (stanza));
+ if (s)
+ xmpp_stanza_set_ns (query, s);
+
+ name = new_name_stanza (ctx, "name");
+ rc = xmpp_stanza_add_child (query, name);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (name);
+ value = new_text_stanza (ctx, PGMNAME);
+ rc = xmpp_stanza_add_child (name, value);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (value);
+
+ version = new_name_stanza (ctx, "version");
+ rc = xmpp_stanza_add_child (query, version);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (version);
+ value = new_text_stanza (ctx, VERSION);
+ rc = xmpp_stanza_add_child (version, value);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (value);
+
+ rc = xmpp_stanza_add_child (reply, query);
+ if (rc)
+ die ("xmpp_stanza_add_child failed: rc=%d\n", rc);
+ xmpp_stanza_release (query);
+
+ xmpp_send (conn, reply);
+ xmpp_stanza_release (reply);
+
+ return 1; /* Keep this handler. */
+}
+
+
+/* Handle message stanzas. */
+static int
+message_handler (xmpp_conn_t * const conn, xmpp_stanza_t * const stanza,
+ void * const opaque)
+{
+ xmpp_ctx_t *ctx = opaque;
+ const char *type;
+ xmpp_stanza_t *child, *achild;
+ char *subject, *body;
+ const char *code, *errtype;
+
+ type = xmpp_stanza_get_type (stanza);
+ if (type && !strcmp (type, "error"))
+ {
+ child = xmpp_stanza_get_child_by_name (stanza, "error");
+ errtype = child? xmpp_stanza_get_attribute (child, "type") : NULL;
+ code = child? xmpp_stanza_get_attribute (child, "code") : NULL;
+ err ("received error from <%s>: %s=%s\n",
+ xmpp_stanza_get_from (stanza),
+ code? "code":"type",
+ code? code : errtype);
+ achild = xmpp_stanza_get_child_by_name (child, "text");
+ body = achild? xmpp_stanza_get_text (achild) : NULL;
+ if (body)
+ inf ("->%s<-\n", body);
+ xmpp_free (ctx, body);
+ }
+ else if (xmpp_stanza_get_child_by_name (stanza, "body"))
+ {
+ /* No type but has a body. */
+ child = xmpp_stanza_get_child_by_name (stanza, "subject");
+ subject = child? xmpp_stanza_get_text (child) : NULL;
+
+ child = xmpp_stanza_get_child_by_name (stanza, "body");
+ body = child? xmpp_stanza_get_text (child) : NULL;
+
+ inf ("received message from <%s> %s%s%s\n", xmpp_stanza_get_from (stanza),
+ subject? "(subject: ":"",
+ subject? subject:"",
+ subject? ")":"");
+ if (body)
+ inf ("->%s<-\n", body);
+
+ xmpp_free (ctx, body);
+ xmpp_free (ctx, subject);
+ }
+
+ return 1; /* Keep this handler. */
+}
+
+
+/* Handle connection events. */
+static void
+conn_handler (xmpp_conn_t * const conn, const xmpp_conn_event_t status,
+ const int error, xmpp_stream_error_t * const stream_error,
+ void * const userdata)
+{
+ xmpp_ctx_t *ctx = (xmpp_ctx_t *)userdata;
+ int rcpidx;
+ char *recpbuffer;
+ const char *recp, *nick, *s;
+
+ if (status == XMPP_CONN_CONNECT)
+ {
+ inf ("connected\n");
+
+ xmpp_handler_add (conn, version_handler,
+ "jabber:iq:version", "iq", NULL, ctx);
+
+ xmpp_handler_add (conn, message_handler,
+ NULL, "message", NULL, ctx);
+
+ /* Send the messages. */
+ for (rcpidx=0; (recp = opt_recipients[rcpidx]); rcpidx++)
+ {
+ s = strchr (recp, '/');
+ if (s && s[1] == '/') /* MUC */
+ {
+ nick = s + 2;
+ recp = recpbuffer = xstrdup (recp);
+ *strchr (recpbuffer, '/') = 0;
+ send_muc_message (ctx, conn, recp, nick);
+ free (recpbuffer);
+ }
+ else
+ send_message (ctx, conn, recp);
+ }
+
+ inf ("requesting disconnect\n");
+ xmpp_disconnect (conn);
+ }
+ else
+ {
+ inf ("disconnected\n");
+ xmpp_stop(ctx);
+ }
+}
+
+
+/* Read our config file. */
+static void
+read_config (void)
+{
+ char *fname;
+ const char *s;
+ FILE *fp;
+ char line[512];
+ int c;
+ char *user, *pass;
+
+ s = getenv ("HOME");
+ if (!s)
+ s = "";
+ fname = xstrconcat (s, "/." PGMNAME "rc", NULL);
+ fp = fopen (fname, "r");
+ if (!fp)
+ {
+ free (fname);
+ return;
+ }
+
+ user = pass = NULL;
+ while (fgets (line, sizeof line, fp))
+ {
+ if (line[strlen (line)-1] != '\n')
+ {
+ while ((c = getc (fp)) != EOF && c != '\n')
+ ;
+ err ("warning: ignoring rest of overlong line in '%s'\n", fname);
+ }
+ if (*line == '#')
+ continue;
+ trim_spaces (line);
+ if (!*line)
+ continue;
+ user = strtok (line, " \t");
+ if (user)
+ pass = strtok (NULL, " \t");
+ else
+ pass = NULL;
+
+ if (!opt_user) /* Take the first line and we are done. */
+ {
+ opt_user = xstrdup (user);
+ if (!opt_pass && pass)
+ opt_pass = xstrdup (pass);
+ break;
+ }
+
+ if (!strcmp (opt_user, user) && !opt_pass) /* Password found. */
+ {
+ opt_pass = xstrdup (pass);
+ break;
+ }
+ }
+
+ fclose (fp);
+ free (fname);
+}
+
+
+int
+main (int argc, char **argv)
+{
+ int last_argc = -1;
+ int rc, idx, anyerr;
+ int opt_me = 0;
+ unsigned long opt_limit = 0;
+ const char *recp;
+ xmpp_ctx_t *ctx;
+ xmpp_conn_t *conn;
+
+ if (argc < 1)
+ die ("Hey, read up on how to use exec(2)\n");
+ argv++; argc--;
+
+ while (argc && last_argc != argc )
+ {
+ last_argc = argc;
+ if (!strcmp (*argv, "--"))
+ {
+ argc--; argv++;
+ break;
+ }
+ else if (!strcmp (*argv, "--version"))
+ {
+ fputs (PGMNAME " " VERSION "\n"
+ "Copyright (C) 2017 g10 Code GmbH\n"
+ "License GPLv3+: GNU GPL version 3 or later"
+ " \n"
+ "This is free software: you are free to change"
+ " and redistribute it.\n"
+ "There is NO WARRANTY, to the extent permitted by law.\n",
+ stdout);
+ exit (0);
+ }
+ else if (!strcmp (*argv, "--help"))
+ {
+ fputs ("usage: " PGMNAME " [options] recipients\n"
+ "Send XMPP message taken from stdin to the recipients.\n\n"
+ "Options:\n"
+ " --version print program version\n"
+ " --verbose verbose diagnostics\n"
+ " --debug flyswatter\n"
+ " --subject STRING use STRING as subject\n"
+ " --chat Use \"chat\" as message type\n"
+ " --me Prepend \"/me \" to the message\n"
+ " --user JID connect as JID\n"
+ " --pass PASS override password with PASS\n"
+ " --resource RES override default resource with RES\n"
+ " --limit N read not more than N bytes\n"
+ "\n"
+ "The password is taken from the ~/.txmpprc file where the\n"
+ "first non-comment line specifies the default user:\n"
+ " ----- 8< ----- 8< ----- 8< -----\n"
+ " # Example config for txxmppp\n"
+ " foo@jabber.example.org PASSWORD\n"
+ " bar@example.net PASSWORD\n"
+ " ----- >8 ----- >8 ----- >8 -----\n"
+ "To send to a MUC use resource with a leading slash followed\n"
+ "by the nick (e.g. \"juliet@capulet.lit.org//Giulietta\").\n"
+ "\n", stdout);
+ exit (0);
+ }
+ else if (!strcmp (*argv, "--verbose"))
+ {
+ opt_verbose++;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--debug"))
+ {
+ opt_debug++;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--user"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv || !strcmp (*argv, "--"))
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_user = *argv;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--pass"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv || !strcmp (*argv, "--"))
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_pass = *argv;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--resource"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv || !strcmp (*argv, "--"))
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_resource = *argv;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--subject"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv || !strcmp (*argv, "--"))
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_subject = *argv;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--chat"))
+ {
+ opt_chat = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--me"))
+ {
+ opt_me = 1;
+ argc--; argv++;
+ }
+ else if (!strcmp (*argv, "--limit"))
+ {
+ argc--; argv++;
+ if (!argc || !**argv || !strcmp (*argv, "--"))
+ die ("argument missing for option '%s'\n", argv[-1]);
+ opt_limit = strtoul (*argv, NULL, 0);
+ argc--; argv++;
+ }
+ else if (!strncmp (*argv, "--", 2))
+ die ("unknown option '%s' (use --help)\n", *argv);
+ }
+
+ if (!argc)
+ die ("usage: " PGMNAME " [options] recipients (try --help)\n");
+
+ opt_recipients = argv;
+
+ read_config ();
+
+ anyerr = 0;
+ if (!opt_user || !*opt_user || !opt_pass || !*opt_pass)
+ {
+ if (!opt_user || !*opt_user)
+ err ("error: no user given\n");
+ if (!opt_pass || !*opt_pass)
+ err ("error: no password given\n");
+ inf ("hint: use config file \"~/.txxmpprc\" or option \"--user\"\n");
+ anyerr = 1;
+ }
+
+ for (idx = 0; (recp = opt_recipients[idx]); idx++)
+ {
+ const char *at, *slash;
+ at = strchr (recp, '@');
+ slash = strchr (recp, '/');
+ if (!at || at == recp || !at[1]
+ || (slash && (slash < at || at + 1 == slash)))
+ {
+ err ("error: invalid recipient '%s'\n", recp);
+ anyerr = 1;;
+ }
+ }
+
+ if (anyerr)
+ exit (1);
+
+ the_message = xreadfile (stdin, opt_limit);
+ if (opt_me)
+ {
+ char *newbuf = xstrconcat ("/me ", the_message, NULL);
+ free (the_message);
+ the_message = newbuf;
+ }
+
+ xmpp_initialize ();
+
+ ctx = xmpp_ctx_new (NULL,
+ (opt_debug? xmpp_get_default_logger (XMPP_LEVEL_DEBUG)
+ /* */ : NULL));
+ if (!ctx)
+ die ("xmpp_ctx_new failed\n");
+
+ conn = xmpp_conn_new (ctx);
+ if (!conn)
+ die ("xmpp_conn_new failed\n");
+
+ xmpp_conn_set_jid (conn, opt_user);
+ xmpp_conn_set_pass (conn, opt_pass);
+
+ rc = xmpp_connect_client (conn, NULL, 0, conn_handler, ctx);
+ if (rc)
+ err ("xmpp_connect_client failed: rc=%d\n", rc);
+ else
+ {
+ xmpp_run (ctx);
+ }
+
+ xmpp_conn_release (conn);
+ xmpp_ctx_free (ctx);
+
+ xmpp_shutdown ();
+
+ free (the_message);
+ the_message = NULL;
+
+ return 0;
+}
+
+
+/*
+Local Variables:
+compile-command: "gcc -Wall -g -lstrophe -o txxmpp txxmpp.c"
+End:
+*/
diff --git a/web/copying.org b/web/copying.org
index 3e83d1a..cb556c1 100644
--- a/web/copying.org
+++ b/web/copying.org
@@ -1,54 +1,54 @@
#+TITLE: GnuPG - Copying
#+STARTUP: showall
#+SETUPFILE: "share/setup.inc"
* Copying
#+index: Copying
Except when noted otherwise, these web pages are copyrighted by /The
GnuPG Project/. Given that such a legal entity does not exist, that
name should be considered a placeholder for the list of the actual
authors:
#+begin_verse
\copy 1998--2013 Werner Koch
\copy 2000--2002 Nils Ellmenreich
\copy 2001--2002 Mike Ashley
\copy 2002--2005 Lorenzo Cappelletti
\copy 2006--2006 David Shaw
#+end_verse
# The Aegypten pages are under a different license - there authors are
# \copy 2001--2004 Bernhard Reiter
# \copy 2001--2005 Jan-Oliver Wagner
You can redistribute these pages and/or modify them under the terms
of the
[[http://creativecommons.org/licenses/by-sa/3.0/][Creative Commons Attribution-ShareAlike 3.0 Unported License]]
or alternatively under the terms of the
[[http://www.gnu.org/licenses/][GNU General Public License]] as published by the Free Software
Foundation; either version 3 of the License, or (at your option)
any later version.
- If you wish to allow the use of your version of theses pages only
+ If you wish to allow the use of your version of these pages only
under the terms of one of these licenses, indicate your decision by
deleting the respective above paragraph.
** Remarks
For many years we maintained translation of these pages to French,
German, Italian, and Spanish. A big thank you to the translators:
Jean-Francois Paris, Walter Koch, Cristian Rigamonti, and Noel
David Torres Taño. Because we didn’t always managed to keep those
translation up to date, we decided in 2013 to abandon them. In
case translations are again demanded by users and sufficient
resources are available, the tentative plan is to setup individual
sites per language with language or country specific information.
Former version of these web pages have been marked as copyrighted
by the /Free Software Foundation/. However, a formal act to
transfer the copyright to them has never been conducted. Thus in
2013 these notices have been replaced by a reference to the list of
individual copyright holders.
diff --git a/web/documentation/howtos.org b/web/documentation/howtos.org
index f79425c..5be52f8 100644
--- a/web/documentation/howtos.org
+++ b/web/documentation/howtos.org
@@ -1,105 +1,105 @@
#+TITLE: GnuPG - HOWTOs
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
* HOWTOs
There are several HOWTOs available.
** GnuPG MiniHOWTO
You may get the best overview about the GnuPG system by reading the
mini HOWTO available in several formats:
- as on-line browsable HTML files (
[[../howtos/ca/GPGMiniHowto.html][ca]] ·
[[../howtos/de/index.html][de]] ·
[[http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.html][en]] ·
[[http://www.dewinter.com/gnupg_howto/spanish/index.html][es]] ·
[[../howtos/fr/index.html][fr]] ·
[[../howtos/it/GPGMiniHowto.html][it]] ·
[[../howtos/tr/GPGMinikNasil.html][tr]] ·
- [[../howtos/vn/index.html][vn]] .
+ [[../howtos/vn/index.htm][vn]] ·
[[../howtos/zh/index.html][zh]] )
- as one big HTML file (
[[../howtos/ca/GPGMiniHowto_big.html][ca]] ·
[[../howtos/it/GPGMiniHowto_big.html][it]] )
- as PDF (
[[../howtos/ca/GPGMiniHowto.pdf][ca]] ·
[[../howtos/de/GPGMiniHowto.pdf][de]] ·
[[../howtos/it/GPGMiniHowto.pdf][it]] ·
[[../howtos/vn/GPGMiniHowto.pdf][vn]] )
- in postscript format (
[[../howtos/ca/GPGMiniHowto.ps][ca]] ·
[[http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.ps][en]] ·
[[../howtos/de/GPGMiniHowto.ps][de]] )
- as DVI file ( [[../howtos/ca/GPGMiniHowto.dvi][ca]] )
- in RTF format ( [[../howtos/ca/GPGMiniHowto.rtf][ca]] )
- as plain text (
[[../howtos/ca/GPGMiniHowto.txt][ca]] ·
[[http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.txt][en]] ·
[[../howtos/it/GPGMiniHowto.txt][it]] )
- as SGML (
[[../howtos/ca/GPGMiniHowto.sgml][ca]] ·
[[../howtos/de/GPGMiniHowto.sgml][de]] ·
[[http://www.dewinter.com/gnupg_howto/english/GPGMiniHowto.sgml][en]] ·
[[../howtos/it/GPGMiniHowto.sgml][it]] ·
[[../howtos/tr/GPGMinikNasil.sgml.gz][tr]] )
- as gzipped tarball of them all ( [[../howtos/ca/GPGMiniHowto.tar.gz][ca]] )
** GnuPG SmartcardHOWTO
GnuPG supports the use of smartcards. This HOWTO explains how to
install and work with these cards.
- as on-line browsable HTML files ( [[../howtos/card-howto/en/smartcard-howto.html][en]] )
- as one big HTML file ( [[../howtos/card-howto/en/smartcard-howto-single.html][en]] )
- as plain text ( [[../howtos/card-howto/en/smartcard-howto.txt][en]] )
This smartcard howto is also available in the [[../download/git.org][source repository]].
** GnuPG Keysigning Party HOWTO
Once you get familiar with GnuPG's mechanisms, you surely wouldn't
miss one of its funnest (and useful) aspects: to meet your Internet
buddies and get your key signed by as many of them as possible.
But having to check tens or even hundreds of keys at a meeting may
become quite frustrating. Here it is where this HOWTO by V. Alex
Brennen comes in handy. It is a guide to understanding and
organizing a PGP keysigning party. Keysigning parties help build
and strengthen the web of trust which serves to make the use of
GnuPG more secure.
This HOWTO is available:
- as an on-line browsable set of HTML files (
[[http://www.cryptnet.net/fdp/crypto/gpg-party/gpg-party.de.html][de]] ·
[[http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html][en]] ·
[[../howtos/es/gpg-party.html][es]] ·
[[../howtos/it/keysigning_party.html][it]] ·
[[http://www.cypherpunks.ru/KSP.html][ru]] ·
[[http://www.cryptnet.net/fdp/crypto/gpg-party/gpg-party.si.html][si]] ·
[[http://www.cryptnet.net/fdp/crypto/gpg-party/gpg-party.zh-TW.html.big5][zh-TW.big5]] ·
[[http://www.cryptnet.net/fdp/crypto/gpg-party/gpg-party.zh-TW.html.euc-tw][zh-TW.euc-tw]] )
** Mutt-GnuPG HOWTO
Firstly, because everyone should be using encryption and signatures
in their email. Secondly, because there are absolutely no reason
for you not to be using PGP-compatible software. Thirdly, because
documentation is mostly geared toward someone who is already
familiar with PGP. Fourtly, because we like to promote both GnuPG
and Mutt as free software project, for use in everyday
communications. Lastly, because Justin R. Miller likes writing
tutorials.
For all these reasons, you can find below a link to Justin's HOWTO
on how to send and receive cryptographically signed and/or
encrypted email with GnuPG and the [[http://www.mutt.org/][Mutt mail reader]].
This HOWTO is available:
- as plain text ( [[http://codesorcery.net/old/mutt/][en]] )
diff --git a/web/documentation/index.org b/web/documentation/index.org
index 92194a4..07a5f9f 100644
--- a/web/documentation/index.org
+++ b/web/documentation/index.org
@@ -1,40 +1,40 @@
#+TITLE: GnuPG - Support
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
* Documentation
- [[file:howtos.org][HOWTOs]] :: Includes links to some HOWTOs available in several
languages to get out the best from GnuPG.
- [[file:manuals.org][Manuals]] :: A list of online available manuals which are also
provided with the software.
- [[file:guides.org][User Guides]] :: Draft versions of the user manual are available,
and there is also documentation covering
- interoperation with PGP 2.x. In addition we have a
- [[file:manpage.org][man page online]] and John Michael Ashley's /The GNU
+ interoperation with PGP 2.x. In addition, the software comes with man
+ pages, and we have John Michael Ashley's /The GNU
Privacy Handbook/ (GPH).
- [[file:faqs.org][FAQs]] :: Online version of the FAQs is now available. Please
consult these FAQs before you ask on one of the mailing
lists or report a bug.
- [[file:security.org][Security]] :: How to report security problems.
You may also notice that OpenPGP is a proposed Internet standard,
described by [[https://www.rfc-editor.org/rfc/rfc4880.txt][RFC-4880]].
* Community support
- [[file:mailing-lists.org][Mailing lists]] :: Describes the purposes of each mailing list
hosted on this server and gives instruction on
how to subscribe. Links to other GnuPG-related
discussion groups are also available.
- [[https://wiki.gnupg.org][Wiki]] :: The official GnuPG Wiki contains community-maintained
documentation for GnuPG and related software.
- [[file:bts.org][BTS]] :: Before you report a bug, please consult the list of bugs.
* Other types of support
- [[../service.org][Commercial support]] :: Listing of companies offering commercial
support for GnuPG
- [[http://twitter.com/gnupg][@gnupg]] :: We sometimes post short messages to Twitter.
diff --git a/web/documentation/manpage.org b/web/documentation/manpage.org
index f50db6b..de5dcab 100644
--- a/web/documentation/manpage.org
+++ b/web/documentation/manpage.org
@@ -1,789 +1,795 @@
#+TITLE: GnuPG - gpg man page
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
#+OPTIONS: -:nil
+* Old Man Page
+
+This is a very old version of the gpg man page. Please see the latest
+release or software package for your operating system to find an up to
+date version ("man gpg2").
+
* gpg
** Name
gpg -- encryption and signing tool
** Synopsis
#+BEGIN_EXAMPLE
gpg
[--homedir name]
[--options file]
[options]
command
[args]
#+END_EXAMPLE
** DESCRIPTION
*gpg* is the main program for the GnuPG system.
This man page does only list the commands and options available. For a
more verbose documentation get the GNU Privacy Handbook (GPH), which is
available at https://www.gnupg.org/gph/ . You will find a list of HOWTO
documents at https://www.gnupg.org/docs.html .
** COMMANDS
*gpg* recognizes these commands:
- -s, --sign :: Make a signature. This command may be combined with
--encrypt.
- --clearsign :: Make a clear text signature.
- -b, --detach-sign :: Make a detached signature.
- -e, --encrypt :: Encrypt data. This option may be combined with
--sign.
- -c, --symmetric :: Encrypt with symmetric cipher only This command
asks for a passphrase.
- --store :: Store only (make a simple RFC1991 packet).
- --decrypt [ =file= ] :: Decrypt =file= (or stdin if no file is
specified) and write it to stdout (or the file specified with
--output). If the decrypted file is signed, the signature is also
verified. This command differs from the default operation, as it
never writes to the filename which is included in the file and it
rejects files which don't begin with an encrypted message.
- --verify [[ =sigfile= ] [ =signed-files= ]] :: Assume that =sigfile= is a
signature and verify it without generating any output. With no
arguments, the signature packet is read from stdin (it may be a
detached signature when not used in batch mode). If only a sigfile is
given, it may be a complete signature or a detached signature, in
which case the signed stuff is expected in a file without the ".sig"
or ".asc" extension (if such a file does not exist it is expected at
stdin; use a single dash ("-") as filename to force a read from
stdin). With more than 1 argument, the first should be a detached
signature and the remaining files are the signed stuff.
- --verify-files [ =files= ] :: This is a special version of the --verify
command which does not work with detached signatures. The command
expects the files to bee verified either on the commandline or reads
the filenames from stdin; each anem muts be on separate line. The
command is intended for quick checking of many files.
- --list-keys [ =names= ], --list-public-keys [ =names= ] :: List all keys
from the public keyrings, or just the ones given on the command line.
- --list-secret-keys [ =names= ] :: List all keys from the secret
keyrings, or just the ones given on the command line.
- --list-sigs [ =names= ] :: Same as --list-keys, but the signatures are
listed too.
- --check-sigs [ =names= ] :: Same as --list-sigs, but the signatures are
verified.
- --fingerprint [ =names= ] :: List all keys with their fingerprints.
This is the same output as --list-keys but with the additional output
of a line with the fingerprint. May also be combined with --list-sigs
or --check-sigs. If this command is given twice, the fingerprints of
all secondary keys are listed too.
- --list-packets :: List only the sequence of packets. This is mainly
useful for debugging.
- --gen-key :: Generate a new key pair. This command is normally only
used interactive.
There is an experimental feature which allows to create keys in batch
mode. See the file =doc/DETAILS= in the source distribution on how to
use this.
- --edit-key =name= :: Present a menu which enables you to do all key
related tasks:
- sign :: Make a signature on key of user =name= If the key is not
yet signed by the default user (or the users given with -u), the
program displays the information of the key again, together with
its fingerprint and asks whether it should be signed. This
question is repeated for all users specified with -u.
- lsign :: Same as --sign but the signature is marked as
non-exportable and will therefore never be used by others. This
may be used to make keys valid only in the local environment.
- revsig :: Revoke a signature. GnuPG asks for every signature which
has been done by one of the secret keys, whether a revocation
certificate should be generated.
- trust :: Change the owner trust value. This updates the trust-db
immediately and no save is required.
- disable, enable :: Disable or enable an entire key. A disabled key
can normally not be used for encryption.
- adduid :: Create an alternate user id.
- deluid :: Delete an user id.
- addkey :: Add a subkey to this key.
- delkey :: Remove a subkey.
- revkey :: Revoke a subkey.
- expire :: Change the key expiration time. If a key is selected,
the time of this key will be changed. With no selection the key
expiration of the primary key is changed.
- passwd :: Change the passphrase of the secret key.
- uid =n= :: Toggle selection of user id with index =n=. Use 0 to
deselect all.
- key =n= :: Toggle selection of subkey with index =n=. Use 0 to
deselect all.
- check :: Check all selected user ids.
- pref :: List preferences.
- toggle :: Toggle between public and secret key listing.
- save :: Save all changes to the key rings and quit.
- quit :: Quit the program without updating the key rings.
The listing shows you the key with its secondary keys and all user
ids. Selected keys or user ids are indicated by an asterisk. The
trust value is displayed with the primary key: the first is the
assigned owner trust and the second is the calculated trust value.
Letters are used for the values:
- - :: No ownertrust assigned / not yet calculated.
- e :: Trust calculation has failed.
- q :: Not enough information for calculation.
- n :: Never trust this key.
- m :: Marginally trusted.
- f :: Fully trusted.
- u :: Ultimately trusted.
- --sign-key =name= :: Sign a public key with you secret key. This is a
shortcut version of the subcommand "sign" from --edit.
- --lsign-key =name= :: Sign a public key with you secret key but mark
it as non-exportable. This is a shortcut version of the subcommand
"lsign" from --edit.
- --trusted-key =long key ID= :: Assume that the specified key (which
must be given as a full 8 byte key ID) is as trustworthy as one of
your own secret keys. This option is useful if you don't want to keep
your secret keys (or one of them) online but still be able to check
the validity of a given recipient's or signator's key.
- --delete-key =name= :: Remove key from the public keyring
- --delete-secret-key =name= :: Remove key from the secret and public
keyring
- --gen-revoke :: Generate a revocation certificate for the complete
key. To revoke a subkey or a signature, use the --edit command.
- --export [ =names= ] :: Either export all keys from all keyrings
(default keyrings and those registered via option --keyring), or if
at least one name is given, those of the given name. The new keyring
is written to stdout or to the file given with option "output". Use
together with --armor to mail those keys.
- --send-keys [ =names= ] :: Same as --export but sends the keys to a
keyserver. Option --keyserver must be used to give the name of this
keyserver. Don't send your complete keyring to a keyserver - select
only those keys which are new or changed by you.
- --export-all [ =names= ] :: Same as --export, but does also export keys
which are not compatible to OpenPGP.
- --export-secret-keys [ =names= ], --export-secret-subkeys
[ =names= ] :: Same as --export, but does export the secret keys. This
is normally not very useful and a security risk. the second form of
the command has the special property to render the secret part of the
primary key useless; this is a GNU extension to OpenPGP and other
implementations can not be expected to successful import such a key.
- --import [ =files= ], --fast-import [ =files= ] :: Import/merge keys.
This adds the given keys to the keyring. The fast version does not
build the trustdb; this can be done at any time with the command
--update-trustdb.
There are a few other options which control how this command works.
Most notable here is the --merge-only options which does not insert
new keys but does only the merging of new signatures, user-IDs and
subkeys.
- --recv-keys =key IDs= :: Import the keys with the given key IDs from
a HKP keyserver. Option --keyserver must be used to give the name of
this keyserver.
- --export-ownertrust :: List the assigned ownertrust values in ASCII
format for backup purposes
- --import-ownertrust [ =files= ] :: Update the trustdb with the
ownertrust values stored in =files= (or stdin if not given); existing
values will be overwritten.
- --print-md =algo= [ =files= ] :: Print message digest of algorithm ALGO
for all given files of stdin. If "*" is used for the algorithm,
digests for all available algorithms are printed.
- --gen-random =0|1|2= [ =count= ] :: Emit COUNT random bytes of the
given quality level. If count is not given or zero, an endless
sequence of random bytes will be emitted. PLEASE, don't use this
command unless you know what you are doing, it may remove precious
entropy from the system!
- --gen-prime =mode= =bits= [ =qbits= ] :: Use the source, Luke :-). The
output format is still subject to change.
- --version :: Print version information along with a list of supported
algorithms.
- --warranty :: Print warranty information.
- -h, --help :: Print usage information. This is a really long list
even it does list not all options.
** OPTIONS
Long options can be put in an options file (default "~/.gnupg/options").
Do not write the 2 dashes, but simply the name of the option and any
required arguments. Lines with a hash as the first non-white-space
character are ignored. Commands may be put in this file too, but that
does not make sense.
*gpg* recognizes these options:
- -a, --armor :: Create ASCII armored output.
- -o, --output =file= :: Write output to =file=.
- -u, --local-user =name= :: Use =name= as the user ID to sign. This
option is silently ignored for the list commands, so that it can be
used in an options file.
- --default-key =name= :: Use =name= as default user ID for signatures.
If this is not used the default user ID is the first user ID found in
the secret keyring.
- -r, --recipient =name=, :: Encrypt for user id =name=. If this
option is not specified, GnuPG asks for the user-id unless
--default-recipient is given
- --default-recipient =name= :: Use =name= as default recipient if
option --recipient is not used and don't ask if this is a valid one.
=name= must be a non empty.
- --default-recipient-self :: Use the default key as default recipient
if option --recipient is not used and don't ask if this is a valid
one. The default key is the first one from the secret keyring or the
one set with --default-key.
- --no-default-recipient :: Reset --default-recipient and
--default-recipient-self.
- --encrypt-to =name= :: Same as --recipient but this one is intended
for in the options file and may be used together with an own user-id
as an "encrypt-to-self". These keys are only used when there are
other recipients given either by use of --recipient or by the asked
user id. No trust checking is performed for these user ids and even
disabled keys can be used.
- --no-encrypt-to :: Disable the use of all --encrypt-to keys.
- -v, --verbose :: Give more information during processing. If used
twice, the input data is listed in detail.
- -q, --quiet :: Try to be as quiet as possible.
- -z =n= :: Set compression level to =n=. A value of 0 for =n= disables
compression. Default is to use the default compression level of zlib
(normally 6).
- -t, --textmode :: Use canonical text mode. If -t (but not --textmode)
is used together with armoring and signing, this enables clearsigned
messages. This kludge is needed for PGP compatibility; normally you
would use --sign or --clearsign to selected the type of the
signature.
- -n, --dry-run :: Don't make any changes (this is not completely
implemented).
- -i, --interactive :: Prompt before overwriting any files.
- --batch :: Use batch mode. Never ask, do not allow interactive
commands.
- --no-tty :: Make sure that the TTY (terminal) is never used for any
output. This option is needed in some cases because GnuPG sometimes
prints warnings to the TTY if if --batch is used.
- --no-batch :: Disable batch mode. This may be of use if --batch is
enabled from an options file.
- --yes :: Assume "yes" on most questions.
- --no :: Assume "no" on most questions.
- --always-trust :: Skip key validation and assume that used keys are
always fully trusted. You won't use this unless you have installed
some external validation scheme.
- --keyserver =name= :: Use =name= to lookup keys which are not yet in
your keyring. This is only done while verifying messages with
signatures. The option is also required for the command --send-keys
to specify the keyserver to where the keys should be send. All
keyservers synchronize with each other - so there is no need to send
keys to more than one server. Using the command "host -l pgp.net |
grep wwwkeys" gives you a list of keyservers. Because there is load
balancing using round-robin DNS you may notice that you get different
key servers.
- --no-auto-key-retrieve :: This option disables the automatic
retrieving of keys from a keyserver while verifying signatures. This
option allows to keep a keyserver in the options file or the
--send-keys and --recv-keys commands.
- --honor-http-proxy :: Try to access the keyserver over the proxy set
with the variable "http\_proxy".
- --keyring =file= :: Add =file= to the list of keyrings. If =file=
begins with a tilde and a slash, these are replaced by the HOME
directory. If the filename does not contain a slash, it is assumed to
be in the home-directory ("~/.gnupg" if --homedir is not used). The
filename may be prefixed with a scheme:
"gnupg-ring:" is the default one.
"gnupg-gdbm:" may be used for a GDBM ring. Note that GDBM is
experimental and likely to be removed in future versions.
It might make sense to use it together with --no-default-keyring.
- --secret-keyring =file= :: Same as --keyring but for the secret
keyrings.
- --homedir =directory= :: Set the name of the home directory to
=directory= If this option is not used it defaults to "~/.gnupg". It
does not make sense to use this in a options file. This also
overrides the environment variable "GNUPGHOME".
- --charset =name= :: Set the name of the native character set. This is
used to convert some strings to proper UTF-8 encoding. Valid values
for =name= are:
- iso-8859-1 :: This is the default Latin 1 set.
- iso-8859-2 :: The Latin 2 set.
- koi8-r :: The usual Russian set (rfc1489).
- --utf8-strings, --no-utf8-strings :: Assume that the arguments are
already given as UTF8 strings. The default (--no-utf8-strings) is to
assume that arguments are encoded in the character set as specified
by --charset. These options effects all following arguments. Both
options may used multiple times.
- --options =file= :: Read options from =file= and do not try to read
them from the default options file in the homedir (see --homedir).
This option is ignored if used in an options file.
- --no-options :: Shortcut for "--options /dev/null". This option is
detected before an attempt to open an option file.
- --load-extension =name= :: Load an extension module. If =name= does
not contain a slash it is searched in "/usr/local/lib/gnupg" See the
manual for more information about extensions.
- --debug =flags= :: Set debugging flags. All flags are or-ed and
=flags= may be given in C syntax (e.g. 0x0042).
- --debug-all :: Set all useful debugging flags.
- --status-fd =n= :: Write special status strings to the file
descriptor =n=. See the file DETAILS in the documentation for a
listing of them.
- --logger-fd =n= :: Write log output to file descriptor =n= and not to
stderr.
- --no-comment :: Do not write comment packets. This option affects
only the generation of secret keys. Please note, that this has
nothing to do with the comments in clear text signatures.
- --comment =string= :: Use =string= as comment string in clear text
signatures. To suppress those comment strings entirely, use an empty
string here.
- --default-comment :: Force to write the standard comment string in
clear text signatures. Use this to overwrite a --comment from a
config file.
- --no-version :: Omit the version string in clear text signatures.
- --emit-version :: Force to write the version string in clear text
signatures. Use this to overwrite a previous --no-version from a
config file.
- -N, --notation-data =name=value= :: Put the name value pair into the
signature as notation data. =name= must consists only of alphanumeric
characters, digits or the underscore; the first character must not be
a digit. =value= may be any printable string; it will encoded in
UTF8, so sou should have check that your --charset is set right. If
you prefix =name= with an exclamation mark, the notation data will be
flagged as critical (rfc2440:5.2.3.15).
- --set-policy-url =string= :: Use =string= as Policy URL for
signatures (rfc2440:5.2.3.19). If you prefix it with an exclamation
mark, the policy URL packet will be flagged as critical.
- --set-filename =string= :: Use =string= as the name of file which is
stored in messages.
- --use-embedded-filename :: Try to create a file with a name as
embedded in the data. This can be a dangerous option as it allows to
overwrite files.
- --completes-needed =n= :: Number of completely trusted users to
introduce a new key signer (defaults to 1).
- --marginals-needed =n= :: Number of marginally trusted users to
introduce a new key signer (defaults to 3)
- --max-cert-depth =n= :: Maximum depth of a certification chain
(default is 5).
- --cipher-algo =name= :: Use =name= as cipher algorithm. Running the
program with the command --version yields a list of supported
algorithms. If this is not used the cipher algorithm is selected from
the preferences stored with the key.
- --digest-algo =name= :: Use =name= as message digest algorithm.
Running the program with the command --version yields a list of
supported algorithms. Please note that using this option may violate
the OpenPGP requirement, that a 160 bit hash is to be used for DSA.
- --s2k-cipher-algo =name= :: Use =name= as the cipher algorithm used
to protect secret keys. The default cipher is BLOWFISH. This cipher
is also used for conventional encryption if --cipher-algo is not
given.
- --s2k-digest-algo =name= :: Use =name= as the digest algorithm used
to mangle the passphrases. The default algorithm is RIPE-MD-160. This
digest algorithm is also used for conventional encryption if
--digest-algo is not given.
- --s2k-mode =n= :: Selects how passphrases are mangled. If =n= is 0 a
plain passphrase (which is not recommended) will be used, a 1
(default) adds a salt to the passphrase and a 3 iterates the whole
process a couple of times. Unless --rfc1991 is used, this mode is
also used for conventional encryption.
- --compress-algo =n= :: Use compress algorithm =n=. Default is 2 which
is RFC1950 compression. You may use 1 to use the old zlib version
(RFC1951) which is used by PGP. The default algorithm may give better
results because the window size is not limited to 8K. If this is not
used the OpenPGP behavior is used, i.e. the compression algorithm is
selected from the preferences; note, that this can't be done if you
do not encrypt the data.
- --disable-cipher-algo =name= :: Never allow the use of =name= as
cipher algorithm. The given name will not be checked so that a later
loaded algorithm will still get disabled.
- --disable-pubkey-algo =name= :: Never allow the use of =name= as
public key algorithm. The given name will not be checked so that a
later loaded algorithm will still get disabled.
- --throw-keyid :: Do not put the keyid into encrypted packets. This
option hides the receiver of the message and is a countermeasure
against traffic analysis. It may slow down the decryption process
because all available secret keys are tried.
- --not-dash-escaped :: This option changes the behavior of cleartext
signatures so that they can be used for patch files. You should not
send such an armored file via email because all spaces and line
endings are hashed too. You can not use this option for data which
has 5 dashes at the beginning of a line, patch files don't have this.
A special armor header line tells GnuPG about this cleartext
signature option.
- --escape-from-lines :: Because some mailers change lines starting
with "From " to " :: Using an exact to
match string. The equal sign indicates this.
- :: Using the email address part which
must match exactly. The left angle bracket indicates this email
address mode.
- +Heinrich Heine duesseldorf :: All words must match exactly (not case
sensitive) but can appear in any order in the user ID. Words are any
sequences of letters, digits, the underscore and all characters with
bit 7 set.
- #34 :: Using the Local ID. This is a very low level method and should
only be used by applications which really need it. The hash character
indicates this method. An application should not assume that this is
only a number.
- Heine, *Heine :: By case insensitive substring matching. This is the
default mode but applications may want to explicitely indicate this
by putting the asterisk in front.
** RETURN VALUE
The program returns 0 if everything was fine, 1 if at least a signature
was bad, and other error codes for fatal errors.
** EXAMPLES
- gpg -se -r =Bob= =file= :: sign and encrypt for user Bob
- gpg --clearsign =file= :: make a clear text signature
- gpg -sb =file= :: make a detached signature
- gpg --list-keys =user_ID= :: show keys
- gpg --fingerprint =user_ID= :: show fingerprint
- gpg --verify =pgpfile=, gpg --verify =sigfile= [ =files= ] :: Verify
the signature of the file but do not output the data. The second form
is used for detached signatures, where =sigfile= is the detached
signature (either ASCII armored of binary) and [ =files= ] are the
signed data; if this is not given the name of the file holding the
signed data is constructed by cutting off the extension (".asc" or
".sig") of =sigfile= or by asking the user for the filename.
** ENVIRONMENT
- HOME :: Used to locate the default home directory.
- GNUPGHOME :: If set directory used instead of "~/.gnupg".
- http\_proxy :: Only honored when the option --honor-http-proxy is
set.
** FILES
- ~/.gnupg/secring.gpg :: The secret keyring
- ~/.gnupg/secring.gpg.lock :: and the lock file
- ~/.gnupg/pubring.gpg :: The public keyring
- ~/.gnupg/pubring.gpg.lock :: and the lock file
- ~/.gnupg/trustdb.gpg :: The trust database
- ~/.gnupg/trustdb.gpg.lock :: and the lock file
- ~/.gnupg/random\_seed :: used to preserve the internal random pool
- ~/.gnupg/options :: May contain options
- /usr[/local]/share/gnupg/options.skel :: Skeleton options file
- /usr[/local]/lib/gnupg/ :: Default location for extensions
** WARNINGS
Use a *good* password for your user account and a *good* passphrase to
protect your secret key. This passphrase is the weakest part of the
whole system. Programs to do dictionary attacks on your secret keyring
are very easy to write and so you should protect your "~/.gnupg/"
directory very well.
Keep in mind that, if this program is used over a network (telnet), it
is *very* easy to spy out your passphrase!
** BUGS
On many systems this program should be installed as setuid(root). This
is necessary to lock memory pages. Locking memory pages prevents the
operating system from writing memory pages to disk. If you get no
warning message about insecure memory 3our operating system supports
locking without being root. The program drops root privileges as soon as
locked memory is allocated.
diff --git a/web/documentation/pressreview.org b/web/documentation/pressreview.org
index 7ed99ea..612f5b5 100644
--- a/web/documentation/pressreview.org
+++ b/web/documentation/pressreview.org
@@ -1,207 +1,237 @@
#+TITLE: GnuPG - Press Review
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
* Press Review
GnuPG is sometimes mentioned in the press and other media. This page
lists articles related to GnuPG we are aware of.
+ - [[International][English]] articles
+ - [[French]] articles
+ - [[German]] articles
+
* International
Here are articles originally published in English.
** ArsTechnica UK 2016-12-20
[[http://arstechnica.co.uk/information-technology/2016/12/signal-does-not-replace-pgp/][Op-ed: Why I’m not giving up on PGP]]
** ProPublica 2015-02-05
The World’s Email Encryption Software Relies on One Guy, Who is Going Broke\\
Julia Angwin
[[http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke][Article]]
The article was followed up at many sites, for example:
English:
- [[http://arstechnica.com/security/2015/02/once-starving-gnupg-crypto-project-gets-a-windfall-but-can-it-be-saved/][Ars Technica]]
- [[http://www.computerworlduk.com/blogs/open-enterprise/gnupg-3597056/][Computerworld]]
- [[https://gigaom.com/2015/02/06/funds-flow-in-for-gnupg-author-after-article-reveals-his-plight/][GigaOm]]
- [[http://www.itwire.com/business-it-news/open-source/66886-facebook-stripe-pledge-funds-for-gnupg-development][IT Wire]]
- [[http://www.thegamersdrop.com/2015/02/05/facebook-stripe-pledge-100000year-broke-developer/][The Gamersdrop]]
- [[http://www.theregister.co.uk/2015/02/05/gnupg_funding/][The Register]]
French:
- [[http://www.01net.com/editorial/644468/le-chiffrement-open-source-gnupg-sauve-in-extremis-par-les-dons-des-internautes/][01net]]
German:
- [[http://www.admin-magazin.de/content/view/full/15613][Admin Magazin]]
- [[http://derstandard.at/2000011366952/Finanzierung-des-Mail-Verschluesselungsprojekts-GnuPG-gesichert][Der Standard]]
- [[http://www.handelsblatt.com/technik/it-internet/it-internet/verschluesselungsprojekt-gnupg-hat-wieder-geld/11338196.html][Handelsblatt]]
- [[http://www.heise.de/newsticker/meldung/Crowdfunding-GnuPG-Entwicklung-ist-gesichert-2542745.html][Heise]]
- [[http://www.focus.de/finanzen/news/wirtschaftsticker/unternehmen-finanzierung-von-mail-verschluesselungsprojekt-gnupg-vorerst-gesichert_id_4457801.html][Focus (dpa)]]
- [[http://www.nordbayern.de/finanzierung-von-mail-verschlusselungsprojekt-gnupg-vorerst-gesichert-1.4174524][Nürnberger Nachrichten / Nordbayern]] FIX URL!
- [[http://www.nzz.ch/mehr/digital/verschluesselte-e-mails-gnupg-spenden-1.18477365][NZZ]]
- [[http://www.spiegel.de/netzwelt/web/e-mail-verschluesselungsprojekt-gnupg-finanzierung-gesichert-a-1017120.html][Spiegel]]
- [[http://www.sueddeutsche.de/news/wirtschaft/internet-finanzierung-von-mail-verschluesselungsprojekt-gnupg-vorerst-gesichert-dpa.urn-newsml-dpa-com-20090101-150206-99-04523][Süddeutsche (dpa)]]
- [[http://www.wz-newsline.de/home/multimedia/finanzierung-von-mail-verschluesselungsprojekt-gnupg-vorerst-gesichert-1.1855606][Westdeutsche Zeitung]]
** LWN 2014-12-04
The GnuPG 2.1 release\\
Nathan Willis
[[https://lwn.net/Articles/624146/][Article]]
** Daily Mail, 2013-02-13
MI5-install-black-box-spy-devices\\
(mentioned in a sidebox)
[[http://www.dailymail.co.uk/sciencetech/article-2274388/MI5-install-black-box-spy-devices-monitor-UK-internet-traffic.html][Article]]
** NYT/IHT, 2012-11-16
Trying to Keep Your E-Mails Secret When the C.I.A. Chief Couldn’t\\
By Nicole Perlroth
[[http://www.nytimes.com/2012/11/17/technology/trying-to-keep-your-e-mails-secret-when-the-cia-chief-couldnt.html][Article]] (registration required)
** LWN 2007-12-27:
GnuPG Celebrates 10 Years\\
(Werner’s mail with comments)
[[http://lwn.net/Articles/263256/][Article]]
** Linux Journal, March 2006, pp. 52--56:
GnuPG Hacks\\
Tony Stieber
[[http://www.linuxjournal.com/article/8732][Article]]
** Salon, 2002-03-27
Pretty geeky privacy\\
Bill Lamb
[[http://www.salon.com/technology/feature/2002/03/27/gnupg][Article]]
** NYT, 1999-11-19
Germany Awards Grant for Encryption\\
Peter Wayner
[[http://partners.nytimes.com/library/tech/99/11/cyber/articles/19encrypt.html][Article]]
# [[file:~/privat/archive/nyt-1999-11-19.txt]]
+* French
+
+** Linuxfr, 2017-06-08
+ Journal GnuPG lance une nouvelle campagne de financement\\
+ gouttegd
+
+ [[https://linuxfr.org/users/gouttegd/journaux/gnupg-lance-une-nouvelle-campagne-de-financement][Article]]
* German
Here are articles originally published in German.
+** Heise, 2017-06-06
+ Neue Crowdfunding-Runde für GnuPG-Entwicklung\\
+ Christiane Schulzki-Haddouti
+
+ [[https://www.heise.de/newsticker/meldung/Neue-Crowdfunding-Runde-fuer-GnuPG-Entwicklung-3735804.html][Artikel]]
+
+** Netzpolitik.org, 2016-01-26
+ Die Person hinter GnuPG: Werner Koch\\
+ Simon Rebiger
+
+ [[https://netzpolitik.org/2016/die-person-hinter-gnupg-werner-koch/][Artikel]]
+
+** WDR 5, 2016-01-18
+ GnuPG und der bescheidene Herr Koch\\
+ 'Pain in the ass' der NSA\\
+ Mirjam Wlodawer.
+
+ [[http://www1.wdr.de/radio/wdr5/gnupg-koch-100.html][Artikel]] [[http://podcast-ww.wdr.de/medstdp/fsk0/91/910864/wdr5neugiergenuegtdasfeature_2016-01-18_wernerkochdermanndermitgnupgdiensaherausfordertwdr5neugiergenuegtdasfeature18012016_wdr5.mp3][Podcast]]
+
+
** DR Wissen, 2015-06-12
Schlüssel für Snowden\\
(in Einhundert, "Candystorm")\\
Monika Ahrens
[[http://dradiowissen.de/beitrag/kryptografie-werner-kochs-software-f%25C3%25BCr-edward-snowden][Artikel]]
-
** DW, 2015-02-19
Verschlüsselung made in Deutschland\\
Matthias Von-Hein
[[http://dw.de/p/1Eebj][Artikel]]
** SZ, 2015-02-18
Wie ein Mann das E-Mail-Geheimniss verteidigt\\
Hakan Tanriverdi
[[http://www.sueddeutsche.de/digital/verschluesselungssoftware-gnu-pg-wie-ein-mann-das-e-mail-geheimnis-verteidigt-1.2355155][Artikel]]
** FAZ, 2015-02-13
- Finger Weg von meine Daten!
+ Finger Weg von meinen Daten!\\
Constanze Kurz
[[http://www.faz.net/aktuell/feuilleton/aus-dem-maschinenraum/verschluesselungssoftware-finger-weg-von-meinen-daten-13416853.html][Artikel]]
** taz, 2015-02-13
Der bescheidene Herr Koch\\
Kai Schlieter
[[http://www.taz.de/Verschluesselung-mit-GnuPG/!154635/][Artikel]]
** Rheinische Post, Lokalteil 2015-02-13
400000 Euro Spende für Programmierer\\
Dag Brückner
[[http://www.rp-online.de/nrw/staedte/erkrath/400-000-euro-spende-fuer-programmierer-aid-1.4869922][Artikel]]
** netzpolitik, 2014-11-13
Verschlüsselung im Bundestag: Fördern Bundesregierung
oder BSI die freie Software GnuPG?\\
Markus Beckedahl
[[https://netzpolitik.org/2014/verschluesselung-im-bundestag-foerdern-bundesregierung-oder-bsi-die-freie-software-gnupg/][Artikel]]
** Heise Ticker 2014-11-07
GnuPG unterstützt Krypto auf Elliptischen Kurven\\
Jürgen Schmidt
http://www.heise.de/newsticker/meldung/GnuPG-unterstuetzt-Krypto-auf-Elliptischen-Kurven-2444337.html
** Linux-Magazin 2014-08
Wer bezahlt die freien Krypto-Entwickler?\\
Chronisch klamm\\
Tim Schürmann
http://www.linux-magazin.de/Ausgaben/2014/08/Finanzierung/%28language%29/ger-DE
** Saarbrücker Zeitung, 2013-10-02, Seite E6
Sicherheit mit einem Klick\\
Von Martin Schäfer
# Attachment: Saar20131002.pdf
** Spiegel Online, 2013-07-04
Schutz gegen Internet-Spione: So verschlüsseln Sie Ihre E-Mails\\
Von Friedrich Lindenberg und Christian Stöcker
[[http://www.spiegel.de/netzwelt/netzpolitik/so-verschluesseln-sie-ihre-e-mails-mit-openpgp-a-909316.html][Artikel]]
** c't, 22/2013, Seite 136
Privatsache E-Mail\\
Nachrichten verschlüsseln und signieren mit PGP
** c't 20/2012, Seite 190
Vertrauen auf den ersten Blick\\
Automatische E-Mail-Verschlüsselung mit Steed\\
Autor: Holger Bleich, Bernhard Münkel
[[http://www.heise.de/artikel-archiv/ct/2012/20/190_Vertrauen-auf-den-ersten-Blick][Artikel]] (Paywall)
** FAS, 2010-08-15
So schützen Sie Ihre Mails\\
Nils Handler
/Die Bundesregierung hat Blackberry und iPhone verbannt, weil die
Geräte zu unsicher sind. Privatleute müssen sich ebenfalls wappnen./
[[http://fazarchiv.faz.net/document/showSingleDoc/FAS__SD1201008152800208?DT_from%3D&KO%3D&timeFilter%3D&timePeriod%3DtimeFilter&dosearch%3Dy&crxdefs%3D&sext%3D0&NN%3D&BC%3D&q%3DGnuPG&search_in%3Dq&sorting%3D&DT_to%3D&CO%3D&submitSearch%3DSuchen&maxHits%3D&CN%3D&toggleFilter%3D&annr%3D186182&highlight%3D%255C%2525eAEBEQDu%252F0IqOmdudXBnLEJFR1JJRkYsL3QFFQ%253D%253D][Artikel]] (Paywall)
# Telefonat am 2010-08-12 und 2010-08-14 für
** i'X 3/2009, Seite 161
Vor 10 Jahren:\\
Verschlüsseln mit GnuPG.
** i'X 3/1999, Seite 94
Schlüsselkind\\
Freie PGP-Implementierung GnuPG
[[http://www.heise.de/kiosk/archiv/ix/1999/3/94_Freie-PGP-Implementierung-GnuPG][Artikel]] (Paywall)
diff --git a/web/documentation/sites.org b/web/documentation/sites.org
index 2434e20..8d730ac 100644
--- a/web/documentation/sites.org
+++ b/web/documentation/sites.org
@@ -1,18 +1,22 @@
#+TITLE: GnuPG - Other web sites and cards
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
+* Press review
+
+ [[file:pressreview.org][Articles on GnuPG]]
+
* Other web sites
This page shows a list of web sites which are somehow related to GnuPG.
- [[http://pgp.iijlab.net/][Japanese PGP page]] :: A site in Japanese dedicated to PGP.
- [[http://pt.gnupg.org.][Portuguese GnuPG site]] :: A site in Portuguese dedicated to GnuPG.
- [[http://pgpru.com/][Russian OpenPGP site]] :: A site in Russian with a forum dedicated to
OpenPGP.
* OpenPGP card implementations
OpenPGP cards can be purchased from:
- [[https://www.floss-shop.de/en/security-privacy/][FLOSS-Shop]] (formerly kernelconcepts)
diff --git a/web/donate/index.de.org b/web/donate/camp2017.de.org
similarity index 92%
rename from web/donate/index.de.org
rename to web/donate/camp2017.de.org
index 7c3fd32..3f2f41a 100644
--- a/web/donate/index.de.org
+++ b/web/donate/camp2017.de.org
@@ -1,1818 +1,1844 @@
# -*- html -*-
#+TITLE: GnuPG - Spenden
#+STARTUP: showall
#+SETUPFILE: "../share/setup.inc"
#
# Note: Do not use relative links because this page is also used as a
# template from cgi-bin/. Using https://www.gnupg.org/... is
# fine as it is stripped before publishing.
#+BEGIN_HTML
GnuPG Spendenkampagne
Klicken um das Video zu starten
(erfordert JavaScript von YouTube).
GnuPG Spendenkampagne
+
[This is a snaphot of the page at the end of the
+ campaign on 2017-09-05. ]
+
pro Monat von benötigten
+
- in einmaligen Spenden
+ an einmaligen Spenden
Unterstützer
GnuPG braucht Ihre Unterstützung um Ihre Privatsphäre im
Internet zu schützen.
Aktivisten, Journalisten, Anwälte
und viele andere verlassen sich auf
GnuPG um ihre
Korrespondenz zu beschützen. Weiterhin verlassen sich
beinahe alle auf Freier Software basierenden
Betriebsysteme (die auf zwei drittel der Server des
Internets genutzt werden) auf GnuPG um die Integrität
ihrer Softwareaktualisierungen sicherzustellen.
Um Support und Weiterentwicklung von GnuPG zu
ermöglichen bitten wir, die Hauptentwickler von GnuPG,
um Spenden von der Allgemeinheit.
Unser Hauptziel
ist 15 000 Euro pro Monat um
drei Entwickler zu finanzieren;
unser erweitertes Ziel ist doppelt so
viel, 30 000 Euro pro Monat.
Bitte denken Sie darüber nach zu Spenden um
sicherzustellen, dass diese kritische Software auch
weiterhin für jeden funktioniert.
-
-
-
-
Video of the Day: Andre Meister
- netzpolitik.org
-
-
-
-
-
-
-
Klicken um das Video zu starten
-
- (erfordert JavaScript von YouTube).
-
-
-
-
-
-
-
- Jeden Tag gibt es ein neues Video! Im Menü
-
- können weitere Videos ausgewählt werden.
-
-
-
-
-
GnuPG Braucht Ihre Hilfe!
Seit 20 Jahren hilft GnuPG elektronische Kommunikation zu
schützen.
Cindy
Cohn , Geschäftsführerin der
Electronic Frontier
Foundation (EFF), beschreibt GnuPG als “das Werkzeug, mit dem ich am
häufigsten mit Menschen in Not [..] kommuniziere.”
Sheera
Frenkel ,
Auslandskorrespondentin für BuzzFeed News, fügt
hinzu: "Als eine Nachrichtenorganisation sind
wir ausgebildet GPG zu benutzen. Es geht um die
Quellen und was mit ihnen passiert wenn man ihr Land
verlässt, die brisante Story veröffentlicht und die
Regierung nach dem Informant sucht, der einem die
Schlüsselinformation verriet." Und GnuPG war
bekanntermaßen Edward Snowden's Werkzeug der Wahl um
- sicher Journalisten über die Massenüberwachund der NSA zu
+ sicher Journalisten über die Massenüberwachung der NSA zu
unterrichten.
Aber GnuPG wird nicht nur zum Verschlüsseln von E-Mails
benutzt. GnuPG schützt
Softwareaktualisierungen auf fast allen freien
Betriebsystemen, die
auf zwei
drittel aller Server im Internet eingesetzt werden .
Weiterhin wird GnuPG von einer breiten Masse an
Organisationen und Firmen verwendet. Arthur
Jordan , Vizepräsident der IT
von 2U, hat uns beispielsweise erzählt:
"als wir Universitäten kontaktierten um zu fragen, wie
sie sicher Dateien übertragen, stellten wir fest, dass sie
bereits mit GPG verschlüsselten."
Trotz der kritischen Rolle die GnuPG insbesondere für
Journalisten, Aktivisten und Anwälte, aber auch für jede
Nutzerin des Internets spielt, hatte GnuPG im Jahr 2012
Finanzierungsprobleme . Aufgrund von
ausbleibenden Aufträgen musste Werner Koch, GnuPG's
Hauptentwickler, seinen einzigen Mitarbeiter entlassen,
- der vollzeit an GnuPG gearbeitet hat. Und im Jahr 2014
+ der Vollzeit an GnuPG gearbeitet hat. Und im Jahr 2014
musste Werner andere Jobs annehmen um seine Arbeit an
GnuPG zu finanzieren.
Die Situation war so hoffnungslos, dass Werner
kurz davor stand aufzugeben. Aber Freunde haben ihn
überzeugt, es mit einer Spendenkampagne zu
versuchen. Die Reaktion war überwältigend.
Nicht nur hat er genug Geld erhalten um seinen
Lebensunterhalt zu finanzieren, er bekam
250 000 Euro in kleinen Spenden , und
Stripe, Facebook und die Linux Foundation haben
zugesagt, je etwa 50 000 Euro pro Jahr zu
spenden.
Das GnuPG Team auf der OpenPGP.conf 2016
Ermutigt von der überwältigenden Hilfsbereitschaft
hat Werner entschieden sein Team zu vergrößern.
Bis zum heutigen Tag hat er fünf Entwickler eingestellt,
und über die letzten zwei Jahre hat sich GnuPG und das
dazugehörende Ökosystem in einer Reihe von Punkten
weiterentwickelt. Zum Beispiel haben wir
- das finden von Schlüssel vereinfacht , ein System zur
+ das Finden von Schlüssel vereinfacht , ein System zur
Anbindung von GPG an Python adoptiert, an
Enigmail
mitgearbeitet,
und das
Gnuk Projekt unterstützt—einem Sicherheits-Token
bestehend aus Freier Software und Freier Hardware.
Wir möchten diese Arbeit auf lange Zeit
fortsetzen. Aber wir wollen, dass unsere
Loyalität in erster Linie der Allgemeinheit gehört.
Deshalb wollen wir sicherstellen, dass der Großteil der
Finanzierung von Individuen und nicht von Firmen kommt.
Weiterhin setzen wir um das Bestehen des Projektes auf
lange Sicht zu gewähren auf regelmäßige Spenden und nicht
auf einmalige Spenden wie letztes mal.
Unser Hauptziel ist es, Spenden in
Höhe von 15 000 Euro monatlich zu bekommen—genug
um drei Entwickler zu finanzieren . Wir können
dieses Ziel erreichen wenn nur 2000 Menschen
zwischen 5 und 10 Euro monatlich spenden, dass
entspricht etwa zwei oder drei Tassen Kaffee.
Das Gnuk Token
Das Geld erlaubt uns zunächst GnuPG zu pflegen.
Weiterhin werden wir unsere Arbeit an dem Gnuk
Sicherheitstoken finanzieren. Ein neues Projekt, welches
uns das Geld ermöglichen soll, ist ein Buch mit dem Titel
"An Advanced Introduction to GnuPG" — "Eine
Fortgeschrittene Einführung in GnuPG" — mit drei
Zielgruppen: Entwickler, die GnuPG in ihre Programme
integrieren wollen und die verschiedenen Konzepte,
Sicherheitsabwägungen und übliche Stolperfallen verstehen
- müssen; Trainer die Fortbildungen in Digitaler Sicherheit
+ müssen; Trainer, die Fortbildungen in digitaler Sicherheit
anbieten, um Endbenutzern handfeste Ratschläge geben zu
können; und natürlich Enthusiasten.
Unser erweitertes Ziel ist die doppelte Menge an
Spenden . Wenn 4000 Menschen nur fünf oder
zehn Euro jeden Monat spenden, werden wir unser Team
vergrößern und mit ihnen Projekte im GnuPG Ökosystem
unterstützten. Ein Projekt, an dem wir wirklich gerne
mitarbeiten möchten, ist GPGTools, auf das sich viele
Aktivisten und Journalisten verlassen um ihre
Onlinekommunikation zu schützen. Wir wollen
sicherstellen, dass die GPG-Integration für das
Mailprogramm von Apple unterstützt ist sobald eine neue
Version von macOS erscheint.
Vielleicht benutzen Sie nicht GnuPG um Ihre E-Mails zu
verschlüsseln. Nichtsdestotrotz verlassen sich
Journalisten deren Arbeit Sie schätzen auf GnuPG um ihre
Quellen zu schützen, verlassen sich Aktivisten die für
eine Sache kämpfen die Sie unterstützenswert finden auf
GnuPG um ihre Kommunikation zu schützen, und verlassen
sich Anwälte die mit ihren Klienten verkehren auf GnuPG um
ihrer Verschwiegenheitspflicht in unserer digitalen Welt
nachzukommen. Weiterhin verlassen sich Betriebsysteme
basierend auf Freier Software auf GnuPG um ihre
Softwareaktualisierungen zu verifizieren.
Falls Sie
—wie wir— überzeugt sind, dass diese Arbeit
essenziell ist um Demokratie und Privatsphäre zu schützen,
dann helfen Sie uns bitte unsere Arbeit fortzusetzen
und unabhängig zu bleiben .
Wartung
Unsere höchste Priorität ist sicherzustellen,
dass GnuPG auch in Zukunft gewartet wird. Dazu
gehört das Reagieren auf Fehlerberichte,
Sicherheitsprobleme zu beheben und mit dem
neuesten Stand der Kryptographie mitzuhalten.
Gnuk
Das Gnuk Sicherheitstoken besteht komplett aus
Freier Software. Auch das Hardwaredesign, entwickelt
von Niibe, ist frei verfügbar. Wir planen, mehr
- in seine Produktion und Vertrieb zu investieren.
+ in seine Produktion und seinen Vertrieb zu investieren.
Buch
Wir möchten die Dokumentation verbessern.
Insbesondere arbeiten wir an einem Buch mit dem
Titel An Advanced Introduction to GnuPG
— Eine Fortgeschrittene Einführung in
GnuPG — das erläutert wie GnuPG
funktioniert und wie man es am besten einsetzt.
- Die Zielgruppen sind Trainer die Fortbildungen in
- Digitaler Sicherheit anbieten, Programmierer die
+ Die Zielgruppen sind Trainer, die Fortbildungen in
+ digitaler Sicherheit anbieten, Programmierer, die
GnuPG in ihre Anwendungen einbetten und
Enthusiasten.
Größeres Ökosystem
Die meisten Leute nutzen GnuPG nicht direkt,
sondern durch Werkzeuge und Plugins.
Wir wollen die Entwickler solcher Programme
- unterstützen, um Integration von GnuPG zu
+ unterstützen, um die Integration von GnuPG zu
verbessern. Insbesondere möchten wir
sicherstellen, dass das GPG-Plugin für
Apple's Mailprogramm (GPGTools) mit jeder neuen
Version von macOS funktioniert.
Was andere über GnuPG sagen
“GPG ist das Werkzeug, mit dem ich am
häufigsten mit Menschen in Not auf der
ganzen Welt kommuniziere.”
“Letztendlich sind wir Anwälte, wir
tauschen Dokumente und E-Mails aus und im
Herzen davon ist—die Sicherheit von
GPG.”
“Ich sprach mit einer
Quelle in
Russland. Ich habe ihm erklärt wie GPG
funktioniert, und er hat mir kürzlich
seine erste verschlüsselte E-Mail gesendet
und gesagt:
‘Vielen Dank, es hat mich wirklich
beruhigt, dass sie sich um meine Sicherheit
sorgen.’ ”
“Ob Sie einen GPG-Schlüssel haben oder
nicht, ob Sie je verschlüsselt E-Mails
versenden, Sie verlassen sich auf GPG um
sicherzustellen, dass
Softwareaktualisierungen wie erwartet
funktionieren.”
“GPG ist der Schlüssel um die
Verschwiegenheitspflicht von Anwälten in
unserer digitalen Welt umzusetzen.”
“GPG ist Teil der
ausgewogenen Ernährung eines jeden
Reporters, besonders wenn sie ihre Quellen
schützen wollen und von Whistleblowern
angesprochen werden möchten.”
“Die Journalisten für die wir Arbeiten
vertrauen darauf, dass wir wissen, wie man
sie am besten beschützt. Und die Art und
Weise wie wir die sichersten und
praktikablesten Werkzeuge — wie GPG
— einsetzen erfüllt diese
Anforderung.”
“Wir fühlen uns sehr sicher wenn wir GPG
einsetzen, um die Daten von Studenten zu
schützen beim Austausch von Akten zwischen
Universitäten. Es beruhigt uns wirklich
sehr.”
“Für mich ist GPG eines der
Schlüsselwerkzeuge das wir benötigen, um
selbstbestimmt in den Vereinigten Staaten
und auf jedem Fleck der Erde in dem
Digitalen Zeitalter leben zu können.”
“Als eine Nachrichtenorganisation sind wir
ausgebildet GPG zu benutzen. Es geht um
die Quellen und was mit ihnen passiert
wenn man ihr Land verlässt, die brisante
Story veröffentlicht und die Regierung
nach dem Informant sucht, der einem die
Schlüsselinformation verriet.”
“Wir [bei SecureDrop] haben uns für GPG
statt anderer Alternativen entschieden,
überwiegend da GPG das bekannteste und am
meisten genutzte Werkzeug zur
asymmetrischen Verschlüsselung ist.”
“Als wir Universitäten kontaktierten um zu
fragen, wie sie sicher Dateien übertragen,
stellten wir fest, dass sie bereits mit
GPG verschlüsselten”
“Für mich persönlich ist der entscheidende
Vorteil von GPG, dass es mir ermöglicht
mit Menschen zu kommunizieren, die ich
sonst nicht erreichen könnte, um ihnen
entweder zu helfen oder ihre Geschichte zu
erzählen.”
“Aber auch wenn Sie ganz sicher sind, dass
Sie nichts zu verbergen haben, wenn Sie
denken, dass andere Menschen etwas
rechtmäßig und notwendig zu verbergen
haben, sind wir der Meinung, dass Sie GPG nutzen sollten, denn das
hilft diejenigen zu schützen, die wirklich
GPG nutzen müssen.”
“GPG hat uns noch nicht den Hintern
gerettet, aber die Tatsache, dass es da
ist—es lässt uns nachts ruhig
schlafen.”
“GPG ist das Werkzeug, mit dem ich am
häufigsten mit Menschen in Not auf der
ganzen Welt kommuniziere.”
“Letztendlich sind wir Anwälte, wir
tauschen Dokumente und E-Mails aus und im
Herzen davon ist—die Sicherheit von
GPG.”
“Ich sprach mit einer
Quelle in
Russland. Ich habe ihm erklärt wie GPG
funktioniert, und er hat mir kürzlich
seine erste verschlüsselte E-Mail gesendet
und gesagt:
‘Vielen Dank, es hat mich wirklich
beruhigt, dass sie sich um meine Sicherheit
sorgen.’ ”
“Ob Sie einen GPG-Schlüssel haben oder
nicht, ob Sie je verschlüsselt E-Mails
versenden, Sie verlassen sich auf GPG um
sicherzustellen, dass
Softwareaktualisierungen wie erwartet
funktionieren.”
“GPG ist der Schlüssel um die
Verschwiegenheitspflicht von Anwälten in
unserer digitalen Welt umzusetzen.”
“GPG ist Teil der
ausgewogenen Ernährung eines jeden
Reporters, besonders wenn sie ihre Quellen
schützen wollen und von Whistleblowern
angesprochen werden möchten.”
“Die Journalisten für die wir Arbeiten
vertrauen darauf, dass wir wissen, wie man
sie am besten beschützt. Und die Art und
Weise wie wir die sichersten und
praktikablesten Werkzeuge — wie GPG
— einsetzen erfüllt diese
Anforderung.”
“Wir fühlen uns sehr sicher wenn wir GPG
einsetzen um die Daten von Studenten zu
schützen beim Austausch von Akten zwischen
Universitäten. Es beruhigt uns wirklich
sehr.”
“Für mich ist GPG eines der
Schlüsselwerkzeuge das wir benötigen, um
selbstbestimmt in den Vereinigten Staaten
und auf jedem Fleck der Erde in dem
Digitalen Zeitalter leben zu können.”
“Als eine Nachrichtenorganisation sind wir
ausgebildet GPG zu benutzen. Es geht um
die Quellen und was mit ihnen passiert
wenn man ihr Land verlässt, die brisante
Story veröffentlicht und die Regierung
nach dem Informant sucht, der einem die
Schlüsselinformation verriet.”
“Wir [bei SecureDrop] haben uns für GPG
statt anderer Alternativen entschieden,
überwiegend da GPG das bekannteste und am
meisten genutzte Werkzeug zur
asymmetrischen Verschlüsselung ist.”
“Als wir Universitäten kontaktierten um zu
fragen, wie sie sicher Dateien übertragen,
stellten wir fest, dass sie bereits mit
GPG verschlüsselten”
“Für mich persönlich ist der entscheidende
Vorteil von GPG, dass es mir ermöglicht
mit Menschen zu kommunizieren, die ich
sonst nicht erreichen könnte, um ihnen
entweder zu helfen oder ihre Geschichte zu
erzählen.”
“Aber auch wenn Sie ganz sicher sind, dass
Sie nichts zu verbergen haben, wenn Sie
denken, dass andere Menschen etwas
rechtmäßig und notwendig zu verbergen
haben, sind wir der Meinung, dass Sie GPG nutzen sollten, denn das
hilft diejenigen zu schützen, die wirklich
GPG nutzen müssen.”
“GPG ist das Werkzeug, mit dem ich am
häufigsten mit Menschen in Not auf der
ganzen Welt kommuniziere.”
“Letztendlich sind wir Anwälte, wir
tauschen Dokumente und E-Mails aus und im
Herzen davon ist—die Sicherheit von
GPG.”
“Ich sprach mit einer
Quelle in
Russland. Ich habe ihm erklärt wie GPG
funktioniert, und er hat mir kürzlich
seine erste verschlüsselte E-Mail gesendet
und gesagt:
‘Vielen Dank, es hat mich wirklich
beruhigt, dass sie sich um meine Sicherheit
sorgen.’ ”
“Ob Sie einen GPG-Schlüssel haben oder
nicht, ob Sie je verschlüsselt E-Mails
versenden, Sie verlassen sich auf GPG um
sicherzustellen, dass
Softwareaktualisierungen wie erwartet
funktionieren.”
“GPG ist der Schlüssel um die
Verschwiegenheitspflicht von Anwälten in
unserer digitalen Welt umzusetzen.”
“GPG ist Teil der
ausgewogenen Ernährung eines jeden
Reporters, besonders wenn sie ihre Quellen
schützen wollen und von Whistleblowern
angesprochen werden möchten.”
“Die Journalisten für die wir Arbeiten
vertrauen darauf, dass wir wissen, wie man
sie am besten beschützt. Und die Art und
Weise wie wir die sichersten und
praktikablesten Werkzeuge — wie GPG
— einsetzen erfüllt diese
Anforderung.”
“Wir fühlen uns sehr sicher wenn wir GPG
einsetzen um die Daten von Studenten zu
schützen beim Austausch von Akten zwischen
Universitäten. Es beruhigt uns wirklich
sehr.”
“Für mich ist GPG eines der
Schlüsselwerkzeuge das wir benötigen, um
selbstbestimmt in den Vereinigten Staaten
und auf jedem Fleck der Erde in dem
Digitalen Zeitalter leben zu können.”
“Als eine Nachrichtenorganisation sind wir
ausgebildet GPG zu benutzen. Es geht um
die Quellen und was mit ihnen passiert
wenn man ihr Land verlässt, die brisante
Story veröffentlicht und die Regierung
nach dem Informant sucht, der einem die
Schlüsselinformation verriet.”
“Wir [bei SecureDrop] haben uns für GPG
statt anderer Alternativen entschieden,
überwiegend da GPG das bekannteste und am
meisten genutzte Werkzeug zur
asymmetrischen Verschlüsselung ist.”
“Als wir Universitäten kontaktierten um zu
fragen, wie sie sicher Dateien übertragen,
stellten wir fest, dass sie bereits mit
GPG verschlüsselten”
“Für mich persönlich ist der entscheidende
Vorteil von GPG, dass es mir ermöglicht
mit Menschen zu kommunizieren, die ich
sonst nicht erreichen könnte, um ihnen
entweder zu helfen oder ihre Geschichte zu
erzählen.”
“Aber auch wenn Sie ganz sicher sind, dass
Sie nichts zu verbergen haben, wenn Sie
denken, dass andere Menschen etwas
rechtmäßig und notwendig zu verbergen
haben, sind wir der Meinung, dass Sie GPG nutzen sollten, denn das
hilft diejenigen zu schützen, die wirklich
GPG nutzen müssen.”
“GPG hat uns noch nicht den Hintern
gerettet, aber die Tatsache, dass es da
ist—es lässt uns nachts ruhig
schlafen.”
+
+
-
+
+
+