diff --git a/install.sh b/install.sh index 45c1eed..a96cc11 100755 --- a/install.sh +++ b/install.sh @@ -1,9 +1,15 @@ #!/bin/bash +rm -rf locale + mkdir -p locale/de/LC_MESSAGES mkdir -p locale/es/LC_MESSAGES mkdir -p locale/cs/LC_MESSAGES +mkdir -p locale/fr/LC_MESSAGES +mkdir -p locale/sv/LC_MESSAGES msgfmt po/de.po -o locale/de/LC_MESSAGES/tinyca2.mo msgfmt po/es.po -o locale/es/LC_MESSAGES/tinyca2.mo msgfmt po/cs.po -o locale/cs/LC_MESSAGES/tinyca2.mo +msgfmt po/fr.po -o locale/fr/LC_MESSAGES/tinyca2.mo +msgfmt po/sv.po -o locale/sv/LC_MESSAGES/tinyca2.mo diff --git a/lib/CA.pm b/lib/CA.pm index 7e7fba6..f1f2407 100644 --- a/lib/CA.pm +++ b/lib/CA.pm @@ -349,7 +349,7 @@ sub get_ca_create { $opts = {}; $opts->{'days'} = 3650; # set default to 10 years $opts->{'bits'} = 4096; - $opts->{'digest'} = 'sha1'; + $opts->{'digest'} = 'sha256'; if(defined($mode) && $mode eq "sub") { # create SubCA, use defaults $opts->{'parentca'} = $main->{'CA'}->{'actca'}; @@ -453,7 +453,7 @@ sub get_ca_import { $opts = {}; $opts->{'days'} = 3650; # set default to 10 years $opts->{'bits'} = 4096; - $opts->{'digest'} = 'sha1'; + $opts->{'digest'} = 'sha256'; $main->show_ca_import_dialog($opts); return; @@ -1062,6 +1062,7 @@ sub create_ca { 'outdir' => $self->{$ca}->{'dir'}."/newcerts/", 'keyfile' => $self->{$ca}->{'dir'}."/cacert.key", 'cacertfile' => $self->{$ca}->{'dir'}."/cacert.pem", + 'digest' => $opts->{'digest'}, 'pass' => $opts->{'passwd'}, 'days' => $opts->{'days'}, 'parentpw' => $opts->{'parentpw'}, diff --git a/lib/CERT.pm b/lib/CERT.pm index 0bd4267..588b421 100644 --- a/lib/CERT.pm +++ b/lib/CERT.pm @@ -480,6 +480,9 @@ sub export_cert { $out = ''; $out .= "Fingerprint (MD5): $opts->{'parsed'}->{'FINGERPRINTMD5'}\n"; $out .= "Fingerprint (SHA1): $opts->{'parsed'}->{'FINGERPRINTSHA1'}\n\n"; + $out .= "Fingerprint (SHA256): $opts->{'parsed'}->{'FINGERPRINTSHA256'}\n\n"; + $out .= "Fingerprint (SHA384): $opts->{'parsed'}->{'FINGERPRINTSHA384'}\n\n"; + $out .= "Fingerprint (SHA512): $opts->{'parsed'}->{'FINGERPRINTSHA512'}\n\n"; } else { $out = ''; } diff --git a/lib/GUI.pm b/lib/GUI.pm index 3ed2eec..b7c86c7 100644 --- a/lib/GUI.pm +++ b/lib/GUI.pm @@ -29,14 +29,16 @@ my $true=1; # This hash maps our internal MD names to the displayed digest names. # Maybe it should live in a crypto-related file instead of a UI-related file? my %md_algorithms = ( - 'md5' => 'MD5', - 'sha1' => 'SHA1', - 'md2' => 'MD2', - 'mdc2' => 'MDC2', - 'md4' => 'MD4', + 'sha256' => 'SHA-256', + 'md5' => 'ins.MD5', +# n/a 'md2' => 'MD2', +# n/a 'mdc2' => 'MDC2', + 'md4' => 'ins.MD4', 'ripemd160' => 'RIPEMD-160', # 'sha' => 'SHA', - 'sha1' => 'SHA-1', + 'sha1' => 'ins.SHA-1', + 'sha384' => 'SHA-384', + 'sha512' => 'SHA-512', ); my %bit_lengths = ( @@ -58,7 +60,7 @@ sub new { bless($self, $class); - $self->{'version'} = '0.7.5'; + $self->{'version'} = '0.7.6'; $self->{'words'} = GUI::WORDS->new(); @@ -573,6 +575,12 @@ sub create_toolbar { } elsif($mode eq 'key') { + $button = Gtk2::ToolButton->new_from_stock('gtk-revert-to-saved'); + $self->{'toolbar'}->insert($button, -1); + $button->set_label(_("Import")); + $button->signal_connect('clicked', sub { + $self->{'KEY'}->get_import_key($self) }); + $button = Gtk2::ToolButton->new_from_stock('gtk-save'); $self->{'toolbar'}->insert($button, -1); $button->set_label(_("Export")); @@ -978,7 +986,7 @@ sub create_detail_tree { $piter = $store->append($root); $store->set($piter, 0 => $t); - for my $l qw(CN EMAIL O OU C ST L) { + for my $l (qw(CN EMAIL O OU C ST L)) { if(defined($parsed->{$l})) { if($l eq "OU") { foreach my $ou (@{$parsed->{'OU'}}) { @@ -1003,7 +1011,7 @@ sub create_detail_tree { $piter = $store->append($root); $store->set($piter, 0 => $t); - for my $l qw(CN EMAIL O OU C ST L) { + for my $l (qw(CN EMAIL O OU C ST L)) { if(defined($parsed->{'ISSUERDN'}->{$l})) { if($l eq "OU") { foreach my $ou (@{$parsed->{'ISSUERDN'}->{'OU'}}) { @@ -1029,7 +1037,7 @@ sub create_detail_tree { $piter = $store->append($root); $store->set($piter, 0 => $t); - for my $l qw(STATUS NOTBEFORE NOTAFTER) { + for my $l (qw(STATUS NOTBEFORE NOTAFTER)) { if(defined($parsed->{$l})) { $citer = $store->append($piter); $store->set($citer, @@ -1045,7 +1053,7 @@ sub create_detail_tree { $store->set($piter, 0 => $t); - for my $l qw(STATUS SERIAL KEYSIZE PK_ALGORITHM SIG_ALGORITHM TYPE) { + for my $l (qw(STATUS SERIAL KEYSIZE PK_ALGORITHM SIG_ALGORITHM TYPE)) { if(defined($parsed->{$l})) { $citer = $store->append($piter); $store->set($citer, @@ -1060,7 +1068,7 @@ sub create_detail_tree { $piter = $store->append($root); $store->set($piter, 0 => $t); - for my $l qw(FINGERPRINTMD5 FINGERPRINTSHA1) { + for my $l (qw(FINGERPRINTMD5 FINGERPRINTSHA1 FINGERPRINTSHA256 FINGERPRINTSHA384 FINGERPRINTSHA512)) { if(defined($parsed->{$l})) { $citer = $store->append($piter); $store->set($citer, @@ -1171,6 +1179,7 @@ sub show_select_ca_dialog { ); $box = GUI::HELPERS::dialog_box($t, $t, $button_ok, $button_cancel); + $box->set_default_size(240,320); $button_ok->grab_default(); @@ -1249,7 +1258,7 @@ sub show_req_dialog { # table for request data my $cc=0; my $ous = 1; - if(defined($opts->{'OU'})) { + if(defined($opts->{'OU'}) and ref($opts->{'OU'}) eq 'ARRAY') { $ous = @{$opts->{'OU'}} - 1; } $reqtable = Gtk2::Table->new(1, 13 + $ous, 0); @@ -1297,7 +1306,7 @@ sub show_req_dialog { _("Organization Name (eg. company):"), \$opts->{'O'}, $reqtable, 10, 1); - if(defined($opts->{'OU'})) { + if(defined($opts->{'OU'}) and ref($opts->{'OU'}) eq 'ARRAY') { foreach my $ou (@{$opts->{'OU'}}) { $entry = GUI::HELPERS::entry_to_table( _("Organizational Unit Name (eg. section):"), @@ -1616,6 +1625,17 @@ sub show_ca_export_dialog { return; } +# +# get filename for importing keys +# +sub show_key_import_dialog { + my ($self, $opts) = @_; + + # my $opts = {}; + my($box, $button_ok, $button_cancel, $button, $entry, $table, $label); + +} + # # get password for exporting keys # @@ -1746,6 +1766,7 @@ sub show_export_dialog { } $box = GUI::HELPERS::dialog_box($title, $text, $button_ok, $button_cancel); + $box->set_default_size(640, -1); # small table for file selection $table = Gtk2::Table->new(1, 3, 0); @@ -1753,7 +1774,7 @@ sub show_export_dialog { $box->vbox->add($table); $label = GUI::HELPERS::create_label(_("File:"), 'left', 0, 0); - $table->attach_defaults($label, 0, 1, 0, 1); + $table->attach($label, 0, 1, 0, 1, 'fill', 'fill', 0, 0); if($mode eq 'cert') { $t = _("Export Certificate"); @@ -1773,7 +1794,7 @@ sub show_export_dialog { $button->signal_connect('clicked' => sub{GUI::HELPERS::browse_file( $t, $fileentry, 'save')}); - $table->attach_defaults($button, 2, 3, 0, 1); + $table->attach($button, 2, 3, 0, 1, 'fill', 'fill', 0, 0); $label = GUI::HELPERS::create_label( _("Export Format:"), 'center', 0, 0); @@ -2521,12 +2542,14 @@ sub about { my ($aboutdialog, $href, $label); $aboutdialog = Gtk2::AboutDialog->new(); - $aboutdialog->set_name("TinyCA2"); + $aboutdialog->set_program_name("TinyCA2"); $aboutdialog->set_version($main->{'version'}); $aboutdialog->set_copyright("2002-2006 Stephan Martin"); $aboutdialog->set_license("GNU Public License (GPL)"); $aboutdialog->set_website("http://tinyca.sm-zone.net/"); - $aboutdialog->set_authors("Stephan Martin "); + $aboutdialog->set_authors( + "Stephan Martin "."\n". + "Thomas Hooge "); $aboutdialog->set_translator_credits( _("Czech: Robert Wolf ")."\n". _("Swedish: Daniel Nylander ")."\n". @@ -2534,6 +2557,8 @@ sub about { _("French: Thibault Le Meur ")); $aboutdialog->show_all(); + $aboutdialog->run; + $aboutdialog->destroy; return; } @@ -2634,7 +2659,7 @@ sub show_req_date_warning { my ($box, $button_ok, $button_cancel, $t); - $t = _("The Certificate will be longer valid than your CA!"); + $t = _("The certificate will be valid longer than its CA!"); $t .= "\n"; $t .= _("This may cause problems with some software!!"); @@ -3088,18 +3113,21 @@ sub _create_req_menu { sub _fill_radiobox { my($radiobox, $var, %values) = @_; - my($previous_key, $value); + my($active_key, $previous_key, $value); + $active_key = undef; $previous_key = undef; - for $value (keys %values) { + for $value (sort keys %values) { my $display_name = $values{$value}; my $key = Gtk2::RadioButton->new($previous_key, $display_name); - $key->set_active(1) if(defined($$var) && $$var eq $value); + #$key->set_active(1) if(defined($$var) && $$var eq $value); + $active_key = $key if(defined($$var) && $$var eq $value); $key->signal_connect('toggled' => sub{GUI::CALLBACK::toggle_to_var($key, $var, $value)}); $radiobox->add($key); $previous_key = $key; } + $active_key->set_active(1) if ($active_key); } 1 diff --git a/lib/GUI/WORDS.pm b/lib/GUI/WORDS.pm index efd64d6..9cb1d35 100644 --- a/lib/GUI/WORDS.pm +++ b/lib/GUI/WORDS.pm @@ -70,6 +70,9 @@ sub new { 'STATUS' => _("Status"), 'FINGERPRINTMD5' => _("Fingerprint (MD5)"), 'FINGERPRINTSHA1' => _("Fingerprint (SHA1)"), + 'FINGERPRINTSHA256' => _("Fingerprint (SHA256)"), + 'FINGERPRINTSHA384' => _("Fingerprint (SHA384)"), + 'FINGERPRINTSHA512' => _("Fingerprint (SHA512)"), _("Not set") => 'none', _("Ask User") => 'user', _("critical") => 'critical', diff --git a/lib/GUI/X509_browser.pm b/lib/GUI/X509_browser.pm index 4fb6cec..8cb1a71 100644 --- a/lib/GUI/X509_browser.pm +++ b/lib/GUI/X509_browser.pm @@ -624,7 +624,7 @@ sub selection_cadir { $dir = $self->{'actdir'}; # cut off the last directory name to provide the ca-directory - $dir =~ s/\/certs|\/req|\/keys$//; + $dir =~ s/(\/certs|\/req|\/keys)$//; return($dir); } diff --git a/lib/GUI/X509_infobox.pm b/lib/GUI/X509_infobox.pm index 97f6280..ca201f3 100644 --- a/lib/GUI/X509_infobox.pm +++ b/lib/GUI/X509_infobox.pm @@ -90,6 +90,15 @@ sub display { 'center', 0, 0); $self->{'x509textbox'}->pack_start($self->{'certfingerprintsha1'}, 0, 0, 0); + + if(defined($self->{'certfingerprintsha256'})) { + $self->{'certfingerprintsha256'}->destroy(); + } + $self->{'certfingerprintsha256'} = GUI::HELPERS::create_label( + _("Fingerprint (SHA256)").": ".$parsed->{'FINGERPRINTSHA256'}, + 'center', 0, 0); + $self->{'x509textbox'}->pack_start($self->{'certfingerprintsha256'}, + 0, 0, 0); } if (($mode eq 'cert') || ($mode eq 'cacert')) { diff --git a/lib/KEY.pm b/lib/KEY.pm index ad37527..fa928be 100644 --- a/lib/KEY.pm +++ b/lib/KEY.pm @@ -30,6 +30,23 @@ sub new { bless($self, $class); } +# +# get informations to import key from file +# +sub get_import_key { + my ($self, $main, $opts, $box) = @_; + + $box->destroy() if(defined($box)); + + GUI::HELPERS::print_warning(_("Import Key: Function does not yet exist.")); + +# if(not defined($opts)) { +# $main->show_key_import_dialog(); +# return; +# } + +} + # # get name of keyfile to delete # diff --git a/lib/OpenSSL.pm b/lib/OpenSSL.pm index 3422bcf..f388b92 100644 --- a/lib/OpenSSL.pm +++ b/lib/OpenSSL.pm @@ -22,6 +22,7 @@ package OpenSSL; use POSIX; use IPC::Open3; +use IO::Select; use Time::Local; sub new { @@ -41,7 +42,7 @@ sub new { close(TEST); # set version (format: e.g. 0.9.7 or 0.9.7a) - if($v =~ /\b(0\.9\.[678][a-z]?)\b/) { + if($v =~ /\b(0\.9\.[6-9][a-z]?)\b/ || $v =~ /\b(1\.0\.[01][a-z]?)\b/) { $self->{'version'} = $1; } @@ -142,7 +143,13 @@ sub signreq { $cmd .= " -in \"$opts->{'reqfile'}\""; $cmd .= " -days $opts->{'days'}"; $cmd .= " -preserveDN"; - $cmd .= " -md $opts->{'digest'}" if($opts->{'digest'}); + if($opts->{'digest'}){ + if (lc $opts->{'digest'} eq 'sha1') { + # force sha256 instead of deprecated sha1 + $opts->{'digest'} = "sha256"; + } + $cmd .= " -md $opts->{'digest'}"; + }; if(defined($opts->{'mode'}) && $opts->{'mode'} eq "sub") { $cmd .= " -keyfile \"$opts->{'keyfile'}\""; @@ -673,6 +680,47 @@ sub parsecert { GUI::HELPERS::print_warning($t, $ext); } + $cmd = "$self->{'bin'} x509 -noout -fingerprint -sha256 -in $file"; + $ext = "$cmd\n\n"; + $pid = open3($wtfh, $rdfh, $rdfh, $cmd); + while(<$rdfh>){ + $ext .= $_; + ($k, $v) = split(/=/); + $tmp->{'FINGERPRINTSHA256'} = $v if($k =~ /SHA256 Fingerprint/i); + chomp($tmp->{'FINGERPRINTSHA256'}); + } + waitpid($pid, 0); + $ret = $? >> 8; + + $cmd = "$self->{'bin'} x509 -noout -fingerprint -sha384 -in $file"; + $ext = "$cmd\n\n"; + $pid = open3($wtfh, $rdfh, $rdfh, $cmd); + while(<$rdfh>){ + $ext .= $_; + ($k, $v) = split(/=/); + $tmp->{'FINGERPRINTSHA384'} = $v if($k =~ /SHA384 Fingerprint/i); + chomp($tmp->{'FINGERPRINTSHA384'}); + } + waitpid($pid, 0); + $ret = $? >> 8; + + $cmd = "$self->{'bin'} x509 -noout -fingerprint -sha512 -in $file"; + $ext = "$cmd\n\n"; + $pid = open3($wtfh, $rdfh, $rdfh, $cmd); + while(<$rdfh>){ + $ext .= $_; + ($k, $v) = split(/=/); + $tmp->{'FINGERPRINTSHA512'} = $v if($k =~ /SHA512 Fingerprint/i); + chomp($tmp->{'FINGERPRINTSHA512'}); + } + waitpid($pid, 0); + $ret = $? >> 8; + + if($ret) { + $t = _("Error reading fingerprint from Certificate"); + GUI::HELPERS::print_warning($t, $ext); + } + # get subject in openssl format $cmd = "$self->{'bin'} x509 -noout -subject -in $file"; $ext = "$cmd\n\n"; @@ -817,7 +865,7 @@ sub convdata { my $self = shift; my $opts = { @_ }; - my ($tmp, $ext, $ret, $file, $pid, $cmd); + my ($tmp, $ext, $ret, $file, $pid, $cmd, $cmdout, $cmderr); $file = HELPERS::mktmp($self->{'tmp'}."/data"); $cmd = "$self->{'bin'} $opts->{'cmd'}"; @@ -830,16 +878,7 @@ sub convdata { $cmd .= " -outform $opts->{'outform'}"; } - my($rdfh, $wtfh); - $ext = "$cmd\n\n"; - $pid = open3($wtfh, $rdfh, $rdfh, $cmd); - print $wtfh "$opts->{'data'}\n"; - while(<$rdfh>){ - $ext .= $_; - # print STDERR "DEBUG: cmd ret: $_"; - }; - waitpid($pid, 0); - $ret = $?>>8; + ($ret, $tmp, $ext) = _run_with_fixed_input($cmd, $opts->{'data'}); if($self->{'broken'}) { if(($ret != 0 && $opts->{'cmd'} ne 'crl') || @@ -859,14 +898,15 @@ sub convdata { } } - open(IN, $file) || do { - my $t = sprintf(_("Can't open file %s: %s"), $file, $!); - GUI::HELPERS::print_warning($t); - return; - }; - $tmp .= $_ while(); - close(IN); - + if (-s $file) { # If the file is empty, the payload is in $tmp (via STDOUT of the called process). + open(IN, $file) || do { + my $t = sprintf(_("Can't open file %s: %s"), $file, $!); + GUI::HELPERS::print_warning($t); + return; + }; + $tmp .= $_ while(); + close(IN); + } unlink($file); return($ret, $tmp, $ext); @@ -1076,4 +1116,72 @@ sub _get_index { } } + +=over + +=item _run_with_fixed_input($cmd, $input) + +This function runs C<$cmd> and writes the C<$input> to STDIN of the +new process (all at once). + +While the command runs, all of its output to STDOUT and STDERR is +collected. + +After the command terminates (closes both STDOUT and STDIN) the +function returns the command's return value as well as everything it +wrote to its STDOUT and STDERR in a list. + +=back + +=cut + +sub _run_with_fixed_input { + my $cmd = shift; + my $input = shift; + + my ($wtfh, $rdfh, $erfh, $pid, $sel, $ret, $stdout, $stderr); + $erfh = Symbol::gensym; # Must not be false, otherwise it is lumped together with rdfh + + # Run the command + $pid = open3($wtfh, $rdfh, $erfh, $cmd); + print $wtfh $input, "\n"; + + $stdout = ''; + $stderr = ''; + $sel = new IO::Select($rdfh, $erfh); + while (my @fhs = $sel->can_read()) { + foreach my $fh (@fhs) { + if ($fh == $rdfh) { # STDOUT + my $bytes_read = sysread($fh, my $buf='', 1024); + if ($bytes_read == -1) { + warn("Error reading from child's STDOUT: $!\n"); + $sel->remove($fh); + } elsif ($bytes_read == 0) { + # print("Child's STDOUT closed.\n"); + $sel->remove($fh); + } else { + $stdout .= $buf; + } + } + elsif ($fh == $erfh) { # STDERR + my $bytes_read = sysread($fh, my $buf='', 1024); + if ($bytes_read == -1) { + warn("Error reading from child's STDERR: $!\n"); + $sel->remove($fh); + } elsif ($bytes_read == 0) { + # print("Child's STDERR closed.\n"); + $sel->remove($fh); + } else { + $stderr .= $buf; + } + } + } + } + + waitpid($pid, 0); + $ret = $?>>8; + + return ($ret, $stdout, $stderr) + } + 1 diff --git a/lib/REQ.pm b/lib/REQ.pm index a3b6138..86e693e 100644 --- a/lib/REQ.pm +++ b/lib/REQ.pm @@ -59,7 +59,7 @@ sub get_req_create { GUI::HELPERS::print_error($t); } $opts->{'bits'} = 4096; - $opts->{'digest'} = 'sha1'; + $opts->{'digest'} = 'sha256'; $opts->{'algo'} = 'rsa'; if(defined($opts) && $opts eq "sign") { $opts->{'sign'} = 1; @@ -426,6 +426,12 @@ sub get_sign_req { $opts->{'digest'} = "md5"; } elsif ($opts->{'digest'} =~ /^sha1/) { $opts->{'digest'} = "sha1"; + } elsif ($opts->{'digest'} =~ /^sha256/) { + $opts->{'digest'} = "sha256"; + } elsif ($opts->{'digest'} =~ /^sha384/) { + $opts->{'digest'} = "sha384"; + } elsif ($opts->{'digest'} =~ /^sha512/) { + $opts->{'digest'} = "sha512"; } elsif ($opts->{'digest'} =~ /^ripemd160/) { $opts->{'digest'} = "ripemd160"; } else { diff --git a/po/cs.po b/po/cs.po index b8f03c4..4271819 100644 --- a/po/cs.po +++ b/po/cs.po @@ -1257,7 +1257,7 @@ msgid "if the corresponding certificate is still valid" msgstr "pokud odpovídající certifikát je stále platný" #: ../lib/GUI.pm:2636 -msgid "The Certificate will be longer valid than your CA!" +msgid "The certificate will be valid longer than its CA!" msgstr "Certifikát bude platný déle než VaÅ¡e CA!" #: ../lib/GUI.pm:2638 diff --git a/po/de.po b/po/de.po index 82b0cdb..7b4ba94 100644 --- a/po/de.po +++ b/po/de.po @@ -1245,7 +1245,7 @@ msgid "if the corresponding certificate is still valid" msgstr "falls das Zertifikat noch gültig ist" #: ../lib/GUI.pm:2636 -msgid "The Certificate will be longer valid than your CA!" +msgid "The certificate will be valid longer than its CA!" msgstr "Das Zertifikat wird länger gültig sein als die CA!" #: ../lib/GUI.pm:2638 diff --git a/po/es.po b/po/es.po index 55f70c2..f5355ad 100644 --- a/po/es.po +++ b/po/es.po @@ -1260,7 +1260,7 @@ msgid "if the corresponding certificate is still valid" msgstr "¡Si el Certificado correspondiente no ha caducado o ha sido revocado " #: ../lib/GUI.pm:2636 -msgid "The Certificate will be longer valid than your CA!" +msgid "The certificate will be valid longer than its CA!" msgstr "¡El Certificado tendrá mayor duración que la CA!" #: ../lib/GUI.pm:2638 diff --git a/po/fr.po b/po/fr.po index 59f27e3..54f5a6a 100644 --- a/po/fr.po +++ b/po/fr.po @@ -1257,7 +1257,7 @@ msgid "if the corresponding certificate is still valid" msgstr "Si le Certificat correspondant est tjours valide" #: ../lib/GUI.pm:2636 -msgid "The Certificate will be longer valid than your CA!" +msgid "The certificate will be valid longer than its CA!" msgstr "" "La date de validité du Certificat dépasse la date de validité de la CA!" diff --git a/po/sv.po b/po/sv.po index feb1801..c813017 100644 --- a/po/sv.po +++ b/po/sv.po @@ -1,19 +1,23 @@ # Swedish translation of tinyca. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the tinyca package. +# # Daniel Nylander , 2006. +# Marcus Better , 2009. # msgid "" msgstr "" "Project-Id-Version: tinyca\n" "Report-Msgid-Bugs-To: \n" "POT-Creation-Date: 2005-06-05 18:44+0200\n" -"PO-Revision-Date: 2006-07-10 16:23+0100\n" -"Last-Translator: Daniel Nylander \n" +"PO-Revision-Date: 2009-10-19 12:02+0200\n" +"Last-Translator: Marcus Better \n" "Language-Team: Swedish \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=utf-8\n" "Content-Transfer-Encoding: 8bit\n" +"X-Generator: Lokalize 1.0\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" #: ../lib/CA.pm:45 msgid "error: can't open basedir: " @@ -253,7 +257,7 @@ msgstr "Kan inte skriva certifikatfil: %s" #: ../lib/CA.pm:766 #: ../lib/CA.pm:912 msgid "Can't open Index file: " -msgstr "Kan inte öppna Index-fil: " +msgstr "Kan inte öppna indexfil: " #: ../lib/CA.pm:774 #: ../lib/CA.pm:919 @@ -652,7 +656,7 @@ msgstr "Typ" #: ../lib/GUI.pm:246 msgid "Keys" -msgstr "Tangenter" +msgstr "Nycklar" #: ../lib/GUI.pm:289 msgid "Requests" @@ -1383,7 +1387,7 @@ msgid "if the corresponding certificate is still valid" msgstr "om det korresponderande certifikatet är giltigt fortfarande" #: ../lib/GUI.pm:2675 -msgid "The Certificate will be longer valid than your CA!" +msgid "The certificate will be valid longer than its CA!" msgstr "Certifikatet kommer vara giltigt längre än ditt CA!" #: ../lib/GUI.pm:2677 diff --git a/templates/openssl.cnf b/templates/openssl.cnf index 8bc7e57..2074078 100644 --- a/templates/openssl.cnf +++ b/templates/openssl.cnf @@ -15,7 +15,7 @@ RANDFILE = $dir/.rand x509_extensions = client_cert default_days = 365 default_crl_days= 30 -default_md = sha1 +default_md = sha256 preserve = no policy = policy_client @@ -33,7 +33,7 @@ RANDFILE = $dir/.rand x509_extensions = server_cert default_days = 365 default_crl_days= 30 -default_md = sha1 +default_md = sha256 preserve = no policy = policy_server @@ -51,7 +51,7 @@ RANDFILE = $dir/.rand x509_extensions = v3_ca default_days = 365 default_crl_days= 30 -default_md = sha1 +default_md = sha256 preserve = no policy = policy_ca diff --git a/tinyca2 b/tinyca2 index 7a7998c..29308a2 100755 --- a/tinyca2 +++ b/tinyca2 @@ -85,8 +85,17 @@ if(not -d $init->{'templatedir'}) { } # location for CA files -$init->{'basedir'} = $ENV{HOME}."/.TinyCA"; -$init->{'exportdir'} = $ENV{HOME}; +if( exists $ENV{'TINYCA_BASEDIR'}) { + $init->{'basedir'} = $ENV{'TINYCA_BASEDIR'} +} else { + $init->{'basedir'} = $ENV{HOME}."/.TinyCA"; +} + +if( exists $ENV{'TINYCA_EXPORTDIR'}) { + $init->{'exportdir'} = $ENV{'TINYCA_EXPORTDIR'}; +} else { + $init->{'exportdir'} = $ENV{HOME}; +} umask(0077);