Hello community,

here is the log from the commit of package gwenhywfar for openSUSE:Factory 
checked in at 2016-10-18 10:43:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/gwenhywfar (Old)
 and      /work/SRC/openSUSE:Factory/.gwenhywfar.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "gwenhywfar"

Changes:
--------
--- /work/SRC/openSUSE:Factory/gwenhywfar/gwenhywfar.changes    2016-09-12 
13:27:42.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.gwenhywfar.new/gwenhywfar.changes       
2016-10-18 10:43:08.000000000 +0200
@@ -1,0 +2,6 @@
+Fri Oct 14 19:02:52 UTC 2016 - jcnen...@gmail.com
+
+- Update to 4.16.0
+  + Fix issues handling certificates
+
+-------------------------------------------------------------------

Old:
----
  gwenhywfar-4.15.5beta.tar.gz

New:
----
  gwenhywfar-4.16.0beta.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ gwenhywfar.spec ++++++
--- /var/tmp/diff_new_pack.phjBUM/_old  2016-10-18 10:43:10.000000000 +0200
+++ /var/tmp/diff_new_pack.phjBUM/_new  2016-10-18 10:43:10.000000000 +0200
@@ -17,9 +17,9 @@
 
 
 %define        libversion      60
-%define devversion 4.15
+%define devversion 4.16
 Name:           gwenhywfar
-Version:        4.15.5beta
+Version:        4.16.0beta
 Release:        0
 Summary:        Multiplatform helper library for other libraries
 License:        GPL-2.0+ and LGPL-2.1+
@@ -33,6 +33,7 @@
 BuildRequires:  libgcrypt-devel >= 1.2.0
 BuildRequires:  libopenssl-devel
 BuildRequires:  libqt4-devel
+#BuildRequires:  qt-devel
 %if 0%{?fedora} == 15
 BuildRequires:  fox-devel >= 1.6
 %else

++++++ gwenhywfar-4.15.5beta.tar.gz -> gwenhywfar-4.16.0beta.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/ChangeLog 
new/gwenhywfar-4.16.0beta/ChangeLog
--- old/gwenhywfar-4.15.5beta/ChangeLog 2016-07-14 22:48:20.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/ChangeLog 2016-10-12 18:57:44.000000000 +0200
@@ -1,4 +1,64 @@
 ------------------------------------------------------------------
+2016-10-12 18:55:46 +0200 Martin Preuss
+Prepared release 4.16.0beta.
+
+------------------------------------------------------------------
+2016-10-12 18:51:33 +0200 Martin Preuss
+gct-tool: Added command "showpasswords"
+This command lists the passwords stored in a GWEN_PASSWD_STORE (which is used
+by AqFinance to store passwords).
+
+------------------------------------------------------------------
+2016-10-12 18:50:32 +0200 Martin Preuss
+Added function GWEN_PasswordStore_GetTokenList().
+This functions returns a list of tokens stored in a GWEN_PASSWD_STORE.
+
+------------------------------------------------------------------
+2016-10-07 21:03:35 +0200 Martin Preuss
+Prepared 4.15.6beta.
+
+------------------------------------------------------------------
+2016-10-07 21:03:17 +0200 Martin Preuss
+Improved readability slightly.
+
+------------------------------------------------------------------
+2016-08-27 21:13:19 +0200 Martin Preuss
+Test...
+
+------------------------------------------------------------------
+2016-08-27 00:34:20 +0200 Martin Preuss
+Test...
+
+------------------------------------------------------------------
+2016-07-28 00:05:46 +0200 Martin Preuss
+Fixed a typo.
+
+------------------------------------------------------------------
+2016-07-27 23:36:23 +0200 Martin Preuss
+Work on certificate handling for GNUTLS.
+- we no longer maintain our own certificate files
+- we now optionally try to find system-wide installed certificate
+  files in /etc/ssl/certs and in /usr/share/ca-certificates on non-win32
+  systems. There is currently no solution for the case when both approaches
+  fail. There is of course gnutls_certificate_set_x509_system_trust(), but
+  that is only available since 3.0.20 and doesn not always work as expected
+  (according to 
https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/)
+  Also, this doesn't work for precompiled and packaged binaries like those
+  of AqFinance, since the function uses those certificate files/dirs set at
+  compile-time of gnutls, and since the build system isn't necessarily the
+  target system, this approach might not always work.
+- removed configure option --enable-builtin-certs
+- added configure option --enable-system-certs
+
+------------------------------------------------------------------
+2016-07-27 23:30:00 +0200 Martin Preuss
+Added some stuff to TOD file to remember later...
+
+------------------------------------------------------------------
+2016-07-26 17:02:45 +0200 Martin Preuss
+Fixed a problem in as-scrub-include.m4 (patch by Thomas Baumgart from 
KMyMoney).
+
+------------------------------------------------------------------
 2016-07-14 22:01:52 +0200 Martin Preuss
 Prepared release 4.15.5beta.
 
@@ -488,83 +548,3 @@
 2014-07-08 12:43:31 +0000 martin
 Fixed version string creation.
 git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2336 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-08 12:43:27 +0000 martin
-Added .gitignore entries.
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2335 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-08 12:32:53 +0000 martin
-Added CMake package configuration files
-May not work on Mac OSX or Windows because library extensision .so is
-hard coded.
-
-From: Christian Dávid <christian-da...@web.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2334 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-04 12:33:12 +0000 martin
-Export a function which I need in AqRadBase.
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2333 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:40:36 +0000 martin
-Fixed my latest changes.
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2332 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:40:29 +0000 martin
-Removed work-in-progress from normal compiling.
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2331 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:40:23 +0000 martin
-Added built files to EXTRA_DIST.
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2330 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:32:47 +0000 martin
-Fix 3rsa test.
-From: Elias Oltmanns <e...@nebensachen.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2329 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:32:40 +0000 martin
-Only generate RSA keys whose modulus length in bits is a multiple of 8
-According to the documentation of Libgcrypt, the length in bits
-specified when generating key pairs should always be a multiple of 8.
-Hence, the usage of GWEN_Crypt_KeyRsa_GeneratePair2() is deprecated.
-
-From: Elias Oltmanns <e...@nebensachen.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2328 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:32:32 +0000 martin
-Be careful about sign issues when cropping buffers.
-From: Elias Oltmanns <e...@nebensachen.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2327 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:32:25 +0000 martin
-Fix potential overrun in GWEN_Buffer_RemoveRoom()
-Also reported and a similar patch provided by
-G. Paul Ziemba <pz-aqbanking-u...@ziemba.us>.
-
-From: Elias Oltmanns <e...@nebensachen.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2326 
70169cfe-8b10-0410-8925-dcb4b91034d8
-
-------------------------------------------------------------------
-2014-07-03 11:32:19 +0000 martin
-Rely on GWEN_Buffer_AllocRoom() to get things right
-Checks for overflow and provision for an extra null character are
-taken care of in one place and the caller should rely on that.
-
-From: Elias Oltmanns <e...@nebensachen.de>
-
-git-svn-id: https://devel.aqbanking.de/svn/gwenhywfar/trunk@2325 
70169cfe-8b10-0410-8925-dcb4b91034d8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/TODO 
new/gwenhywfar-4.16.0beta/TODO
--- old/gwenhywfar-4.15.5beta/TODO      2014-07-23 22:28:23.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/TODO      2016-10-07 20:46:38.000000000 +0200
@@ -17,3 +17,20 @@
   C++: genfull -g cppdepn
 - Show callgraph for s specific function:
   gengraph -f FUNCTION_NAME -o OUTFILENAME --output-type=png
+
+
+
+
+# read openssl certs
+d = opendir("/etc/ssl/certs");
+gnutls_certificate_allocate_credentials(&ca_list);
+while ((dent = readdir(d)) != NULL) {
+  sprintf(ca_file, "/etc/ssl/certs/%s", dent->d_name);
+  stat(ca_file, &s);
+  if (!S_ISREG(s.st_mode)) continue;
+  gnutls_certificate_set_x509_trust_file(ca_list, ca_file,
+       GNUTLS_X509_FMT_PEM);
+}
+closedir(d);
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/config.h.in 
new/gwenhywfar-4.16.0beta/config.h.in
--- old/gwenhywfar-4.15.5beta/config.h.in       2016-07-14 22:00:17.000000000 
+0200
+++ new/gwenhywfar-4.16.0beta/config.h.in       2016-10-12 18:56:11.000000000 
+0200
@@ -75,8 +75,8 @@
 /* if memory debugging is wanted */
 #undef GWEN_MEMORY_DEBUG
 
-/* whether builtin trusted certificates should be set */
-#undef GWEN_TLS_USE_BUILTIN_CERTIFICATES
+/* whether system-wide trusted certificates should be set */
+#undef GWEN_TLS_USE_SYSTEM_CERTIFICATES
 
 /* Define to 1 if you have the `alarm' function. */
 #undef HAVE_ALARM
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/configure 
new/gwenhywfar-4.16.0beta/configure
--- old/gwenhywfar-4.15.5beta/configure 2016-07-14 21:59:53.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/configure 2016-10-12 18:55:46.000000000 +0200
@@ -925,7 +925,7 @@
 enable_binreloc
 enable_binreloc_threads
 enable_gwen_subproject
-enable_builtin_certs
+enable_system_certs
 enable_network_checks
 enable_local_install
 with_plugin_searchdir
@@ -1638,7 +1638,7 @@
   --enable-binreloc-threads      compile binary relocation with threads support
                                 (default=yes)
   --enable-gwen-subproject       make gwen only a subproject (default=no)
-  --enable-builtin-certs         use built-in certificates (default=no)
+  --enable-system-certs         use system-wide certificates (default=no)
   --disable-network-checks       disables checks that assume available network 
during build (default=enabled)
   --enable-local-install         allow local installation mode (default=no)
   --enable-variadic-macros         enable variadic macros (default=yes)
@@ -2888,8 +2888,8 @@
 # versions
 #
 GWENHYWFAR_VERSION_MAJOR=4
-GWENHYWFAR_VERSION_MINOR=15
-GWENHYWFAR_VERSION_PATCHLEVEL=5
+GWENHYWFAR_VERSION_MINOR=16
+GWENHYWFAR_VERSION_PATCHLEVEL=0
 GWENHYWFAR_VERSION_BUILD=0
 GWENHYWFAR_VERSION_TAG="beta"
 
@@ -2899,9 +2899,9 @@
 #
 # SO version for Gwenhywfar
 #
-GWENHYWFAR_SO_CURRENT="75"
-GWENHYWFAR_SO_AGE="15"
-GWENHYWFAR_SO_REVISION="5"
+GWENHYWFAR_SO_CURRENT="76"
+GWENHYWFAR_SO_AGE="16"
+GWENHYWFAR_SO_REVISION="0"
 GWENHYWFAR_SO_EFFECTIVE="`echo 
\$(($GWENHYWFAR_SO_CURRENT-$GWENHYWFAR_SO_AGE))`"
 
 
@@ -19844,21 +19844,21 @@
 # check whether accompanying certificates should be used
 #
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether builtin trusted 
certificates should be set" >&5
-$as_echo_n "checking whether builtin trusted certificates should be set... " 
>&6; }
-# Check whether --enable-builtin-certs was given.
-if test "${enable_builtin_certs+set}" = set; then :
-  enableval=$enable_builtin_certs; enable_builtin_certs="$enableval"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether system-wide trusted 
certificates should be set" >&5
+$as_echo_n "checking whether system-wide trusted certificates should be set... 
" >&6; }
+# Check whether --enable-system-certs was given.
+if test "${enable_system_certs+set}" = set; then :
+  enableval=$enable_system_certs; enable_system_certs="$enableval"
 else
-  enable_builtin_certs="no"
+  enable_system_certs="no"
 fi
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_builtin_certs" >&5
-$as_echo "$enable_builtin_certs" >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_system_certs" >&5
+$as_echo "$enable_system_certs" >&6; }
 
-if test "$enable_builtin_certs" != "no"; then
+if test "$enable_system_certs" != "no"; then
 
-$as_echo "#define GWEN_TLS_USE_BUILTIN_CERTIFICATES 1" >>confdefs.h
+$as_echo "#define GWEN_TLS_USE_SYSTEM_CERTIFICATES 1" >>confdefs.h
 
 fi
 
@@ -21806,7 +21806,7 @@
 
       INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts 
here://' | sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   fox_includes=$GIVEN_CFLAGS
 
@@ -22247,7 +22247,7 @@
 
       INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts 
here://' | sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   qt4_includes=$GIVEN_CFLAGS
 
@@ -23580,7 +23580,7 @@
 
       INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts 
here://' | sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   ssl_includes=$GIVEN_CFLAGS
 
@@ -23590,7 +23590,7 @@
 
       INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts 
here://' | sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   gwenhywfar_includes=$GIVEN_CFLAGS
 
@@ -23600,7 +23600,7 @@
 
       INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts 
here://' | sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   all_includes=$GIVEN_CFLAGS
 
@@ -26954,6 +26954,7 @@
 echo "Symbol Visibility             : $visibility_supported"
 echo "OpenSSL Support for gct-tool  : $ssl_available"
 echo "GUI Support                   : $gwenhywfar_guis"
+echo "Use system-wide certificates  : $enable_system_certs"
 
 if test "$HAVE_GNUTLS_TRANSPORT_SET_ERRNO" = "yes"; then
   echo "GNUTLS                        : 1.6.1 or higher"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/configure.ac 
new/gwenhywfar-4.16.0beta/configure.ac
--- old/gwenhywfar-4.15.5beta/configure.ac      2016-07-14 21:59:33.000000000 
+0200
+++ new/gwenhywfar-4.16.0beta/configure.ac      2016-10-12 18:55:27.000000000 
+0200
@@ -28,8 +28,8 @@
 # versions
 #
 GWENHYWFAR_VERSION_MAJOR=4
-GWENHYWFAR_VERSION_MINOR=15
-GWENHYWFAR_VERSION_PATCHLEVEL=5
+GWENHYWFAR_VERSION_MINOR=16
+GWENHYWFAR_VERSION_PATCHLEVEL=0
 GWENHYWFAR_VERSION_BUILD=0
 dnl "stable", "rcX", "betaX", "cvs"
 GWENHYWFAR_VERSION_TAG="beta"
@@ -40,9 +40,9 @@
 #
 # SO version for Gwenhywfar
 #
-GWENHYWFAR_SO_CURRENT="75"
-GWENHYWFAR_SO_AGE="15"
-GWENHYWFAR_SO_REVISION="5"
+GWENHYWFAR_SO_CURRENT="76"
+GWENHYWFAR_SO_AGE="16"
+GWENHYWFAR_SO_REVISION="0"
 GWENHYWFAR_SO_EFFECTIVE="`echo 
\$(($GWENHYWFAR_SO_CURRENT-$GWENHYWFAR_SO_AGE))`"
 
 
@@ -320,15 +320,15 @@
 # check whether accompanying certificates should be used
 #
 
-AC_MSG_CHECKING(whether builtin trusted certificates should be set)
-AC_ARG_ENABLE(builtin-certs,
-  [  --enable-builtin-certs         use built-in certificates (default=no)],
-  enable_builtin_certs="$enableval",
-  enable_builtin_certs="no")
-AC_MSG_RESULT($enable_builtin_certs)
+AC_MSG_CHECKING(whether system-wide trusted certificates should be set)
+AC_ARG_ENABLE(system-certs,
+  [  --enable-system-certs         use system-wide certificates (default=no)],
+  enable_system_certs="$enableval",
+  enable_system_certs="no")
+AC_MSG_RESULT($enable_system_certs)
 
-if test "$enable_builtin_certs" != "no"; then
-  AC_DEFINE(GWEN_TLS_USE_BUILTIN_CERTIFICATES, 1, [whether builtin trusted 
certificates should be set])
+if test "$enable_system_certs" != "no"; then
+  AC_DEFINE(GWEN_TLS_USE_SYSTEM_CERTIFICATES, 1, [whether system-wide trusted 
certificates should be set])
 fi
 
 
@@ -1515,6 +1515,7 @@
 echo "Symbol Visibility             : $visibility_supported"
 echo "OpenSSL Support for gct-tool  : $ssl_available"
 echo "GUI Support                   : $gwenhywfar_guis"
+echo "Use system-wide certificates  : $enable_system_certs"
 
 if test "$HAVE_GNUTLS_TRANSPORT_SET_ERRNO" = "yes"; then
   echo "GNUTLS                        : 1.6.1 or higher"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/gwenhywfar.spec 
new/gwenhywfar-4.16.0beta/gwenhywfar.spec
--- old/gwenhywfar-4.15.5beta/gwenhywfar.spec   2016-07-14 22:00:10.000000000 
+0200
+++ new/gwenhywfar-4.16.0beta/gwenhywfar.spec   2016-10-12 18:56:05.000000000 
+0200
@@ -3,7 +3,7 @@
 
 
 %define name gwenhywfar
-%define version 4.15.5beta
+%define version 4.16.0beta
 %define rpm_cxxflags \"-O2 -march=i486 -mcpu=i586\"
 %define rpm_cflags \"-O2 -march=i486 -mcpu=i586\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/m4/as-scrub-include.m4 
new/gwenhywfar-4.16.0beta/m4/as-scrub-include.m4
--- old/gwenhywfar-4.15.5beta/m4/as-scrub-include.m4    2016-05-23 
22:32:58.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/m4/as-scrub-include.m4    2016-07-26 
16:57:21.000000000 +0200
@@ -26,7 +26,7 @@
   dnl line
   INCLUDE_DIRS=`echo $INCLUDE_DIRS | sed -e 's/.*<...> search starts here://' 
| sed -e 's/End of search list.*//'`
   for dir in $INCLUDE_DIRS; do
-    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e "s;-I$dir ;;" | sed -e 
"s;-I$dir$;;")
+    GIVEN_CFLAGS=$(echo $GIVEN_CFLAGS | sed -e 's;-I$dir ;;' | sed -e 
's;-I$dir$;;')
   done
   [$1]=$GIVEN_CFLAGS
 ])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/src/gui/passwdstore.c 
new/gwenhywfar-4.16.0beta/src/gui/passwdstore.c
--- old/gwenhywfar-4.15.5beta/src/gui/passwdstore.c     2014-10-12 
15:12:22.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/src/gui/passwdstore.c     2016-10-10 
19:40:42.000000000 +0200
@@ -723,4 +723,81 @@
 
 
 
+int GWEN_PasswordStore_GetTokenList(GWEN_PASSWD_STORE *sto, GWEN_STRINGLIST 
*sl) {
+  int rv;
+  GWEN_FSLOCK *lck;
+  GWEN_FSLOCK_RESULT rs;
+  int pwErrors;
+  GWEN_DB_NODE *dbVar;
+
+  /* make sure path exists */
+  rv=GWEN_Directory_GetPath(sto->fileName, GWEN_PATH_FLAGS_VARIABLE);
+  if (rv<0) {
+    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
+    return rv;
+  }
+
+  /* lock file */
+  lck=GWEN_FSLock_new(sto->fileName, GWEN_FSLock_TypeFile);
+  rs=GWEN_FSLock_Lock(lck, 60*1000, 0);
+  if (rs!=GWEN_FSLock_ResultOk) {
+    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rs);
+    return GWEN_ERROR_IO;
+  }
+
+  /* read and decode file */
+  rv=GWEN_PasswordStore_ReadFile(sto);
+  if (rv<0) {
+    DBG_INFO(GWEN_LOGDOMAIN, "here (%d)", rv);
+    GWEN_FSLock_Unlock(lck);
+    GWEN_FSLock_free(lck);
+    return rv;
+  }
+
+  /* unlock file */
+  GWEN_FSLock_Unlock(lck);
+  GWEN_FSLock_free(lck);
+
+
+  /* read list of tokens from the file */
+  pwErrors=0;
+  dbVar=GWEN_DB_GetFirstVar(sto->dbPasswords);
+  while(dbVar) {
+    const char *s;
+
+    s=GWEN_DB_VariableName(dbVar);
+    if (s && *s) {
+      GWEN_BUFFER *buf;
+      int rv;
+
+      buf=GWEN_Buffer_new(0, 256, 0, 1);
+      rv=GWEN_Text_UnescapeToBufferTolerant(s, buf);
+      if (rv<0) {
+       DBG_ERROR(GWEN_LOGDOMAIN, "Error unescaping token name (%d), ignoring", 
rv);
+       pwErrors++;
+      }
+      else {
+       GWEN_StringList_AppendString(sl, GWEN_Buffer_GetStart(buf), 0, 0);
+      }
+      GWEN_Buffer_free(buf);
+    }
+    else
+      pwErrors++;
+
+    dbVar=GWEN_DB_GetNextVar(dbVar);
+  }
+
+  /* release passwords */
+  GWEN_PasswordStore_SafeFreeDb(sto);
+
+  if (pwErrors) {
+    DBG_ERROR(GWEN_LOGDOMAIN, "Got %d errors.", pwErrors);
+    return GWEN_ERROR_GENERIC;
+  }
+
+  return 0;
+}
+
+
+
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/src/gui/passwdstore.h 
new/gwenhywfar-4.16.0beta/src/gui/passwdstore.h
--- old/gwenhywfar-4.15.5beta/src/gui/passwdstore.h     2014-07-23 
22:28:23.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/src/gui/passwdstore.h     2016-10-10 
21:44:02.000000000 +0200
@@ -27,6 +27,7 @@
 
 
 #include <gwenhywfar/gwenhywfarapi.h>
+#include <gwenhywfar/stringlist.h>
 
 
 #ifdef __cplusplus
@@ -51,6 +52,8 @@
 GWENHYWFAR_API
 int GWEN_PasswordStore_GetPassword(GWEN_PASSWD_STORE *sto, const char *token, 
char *buffer, int minLen, int maxLen);
 
+GWENHYWFAR_API
+int GWEN_PasswordStore_GetTokenList(GWEN_PASSWD_STORE *sto, GWEN_STRINGLIST 
*sl);
 
 
 #ifdef __cplusplus
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/src/ressource.rc 
new/gwenhywfar-4.16.0beta/src/ressource.rc
--- old/gwenhywfar-4.15.5beta/src/ressource.rc  2016-07-14 22:00:10.000000000 
+0200
+++ new/gwenhywfar-4.16.0beta/src/ressource.rc  2016-10-12 18:56:05.000000000 
+0200
@@ -43,8 +43,8 @@
 // Version
 
 VS_VERSION_INFO VERSIONINFO
- FILEVERSION 4, 15, 5, 0
- PRODUCTVERSION 4, 15, 5, 0
+ FILEVERSION 4, 16, 0, 0
+ PRODUCTVERSION 4, 16, 0, 0
  FILEFLAGSMASK 0x3fL
  FILEFLAGS 0x0L
  FILEOS 0x40004L      // Windows NT
@@ -58,14 +58,14 @@
             //VALUE "Comments", "\0"
             VALUE "CompanyName", " Aquamaniac\0"
             VALUE "FileDescription", "Multi purpose library\0"
-            VALUE "FileVersion", "v4.15.5beta\0"
+            VALUE "FileVersion", "v4.16.0beta\0"
             VALUE "InternalName", "Gwenhywfar\0"
             VALUE "LegalCopyright", "Copyright � 2003 by Martin Preuss\0"
             VALUE "LegalTrademarks", "Aquamaniac\0"
             VALUE "OriginalFilename", "GWENHYWFAR32.DLL\0"
             //VALUE "PrivateBuild", "\0"
             VALUE "ProductName", "Gwenhywfar\0"
-            VALUE "ProductVersion", "v4.15.5beta-0\0"
+            VALUE "ProductVersion", "v4.16.0beta-0\0"
             VALUE "Author", "Martin Preuss\0"
             VALUE "Email", "mar...@libchipcard.de\0"
             VALUE "Homepage", "http://gwenhywfar.sf.net/\0";
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/src/sio/syncio_tls.c 
new/gwenhywfar-4.16.0beta/src/sio/syncio_tls.c
--- old/gwenhywfar-4.15.5beta/src/sio/syncio_tls.c      2016-07-13 
23:49:41.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/src/sio/syncio_tls.c      2016-10-07 
21:02:32.000000000 +0200
@@ -264,7 +264,8 @@
 
 
 
-#if 0
+#if GWEN_TLS_USE_SYSTEM_CERTIFICATES
+# ifndef OS_WIN32
 static int GWEN_SyncIo_Tls_AddCaCertFolder(GWEN_SYNCIO *sio, const char 
*folder) {
   GWEN_SYNCIO_TLS *xio;
   int rv;
@@ -302,8 +303,7 @@
                      s, rv, gnutls_strerror(rv));
           }
           else {
-            DBG_INFO(GWEN_LOGDOMAIN,
-                     "Added %d trusted certs from [%s]", rv, s);
+            DBG_INFO(GWEN_LOGDOMAIN, "Added %d trusted certs from [%s]", rv, 
s);
             successfullTustFileCount++;
           }
         }
@@ -320,6 +320,7 @@
 
   return successfullTustFileCount;
 }
+# endif
 #endif
 
 
@@ -408,7 +409,7 @@
 
   /* find default trust file if none is selected */
   if (lflags & GWEN_SYNCIO_TLS_FLAGS_ADD_TRUSTED_CAS) {
-#if GWEN_TLS_USE_BUILTIN_CERTIFICATES
+#if GWEN_TLS_USE_SYSTEM_CERTIFICATES
     /* disable setting of default trust file as discussed on aqbanking-users.
      * The rationale is that without this file being set gnutls should behave
      * correctly on each system.
@@ -418,8 +419,7 @@
      */
     int trustFileSet=0;
 
-# if 0
-#  ifndef OS_WIN32
+# ifndef OS_WIN32
     /* try to find OpenSSL certificates */
     if (trustFileSet==0) {
       GWEN_STRINGLIST *paths;
@@ -429,9 +429,7 @@
       GWEN_StringList_AppendString(paths, "/etc/ssl/certs", 0, 0);
 
       nbuf=GWEN_Buffer_new(0, 256, 0, 1);
-      rv=GWEN_Directory_FindFileInPaths(paths,
-                                        "ca-certificates.crt",
-                                        nbuf);
+      rv=GWEN_Directory_FindFileInPaths(paths, "ca-certificates.crt", nbuf);
       GWEN_StringList_free(paths);
       if (rv==0) {
         DBG_INFO(GWEN_LOGDOMAIN,
@@ -454,10 +452,10 @@
       }
       GWEN_Buffer_free(nbuf);
     }
-#  endif
+# endif
 
 
-#  ifndef OS_WIN32
+# ifndef OS_WIN32
     /* try to find ca-certificates (at least available on Debian systems) */
     if (trustFileSet==0) {
       rv=GWEN_Directory_GetPath("/usr/share/ca-certificates", 
GWEN_PATH_FLAGS_NAMEMUSTEXIST);
@@ -472,45 +470,17 @@
       }
     }
 
-#  endif
 # endif
 
 
     if (trustFileSet==0) {
-      GWEN_STRINGLIST *paths;
 
-      /* try to find our trust file */
-      paths=GWEN_PathManager_GetPaths(GWEN_PM_LIBNAME, GWEN_PM_DATADIR);
-      if (paths) {
-        GWEN_BUFFER *nbuf;
-
-        nbuf=GWEN_Buffer_new(0, 256, 0, 1);
-        rv=GWEN_Directory_FindFileInPaths(paths,
-                                          "ca-bundle.crt",
-                                          nbuf);
-        GWEN_StringList_free(paths);
-        if (rv==0) {
-          DBG_INFO(GWEN_LOGDOMAIN,
-                   "Using default ca-bundle from [%s]",
-                   GWEN_Buffer_GetStart(nbuf));
-          rv=gnutls_certificate_set_x509_trust_file(xio->credentials,
-              GWEN_Buffer_GetStart(nbuf),
-              GNUTLS_X509_FMT_PEM);
-          if (rv<=0) {
-            DBG_ERROR(GWEN_LOGDOMAIN,
-                      "gnutls_certificate_set_x509_trust_file(%s): %d (%s)",
-                      GWEN_Buffer_GetStart(nbuf), rv, gnutls_strerror(rv));
-          }
-          else {
-            DBG_INFO(GWEN_LOGDOMAIN,
-                     "Added %d trusted certs", rv);
-            trustFileSet=1;
-          }
-        }
-        GWEN_Buffer_free(nbuf);
-      }
+        /* TODO: use gnutls_certificate_set_x509_system_trust() */
+        trustFileSet=1;
     }
 
+
+
     if (trustFileSet==0) {
       DBG_WARN(GWEN_LOGDOMAIN, "No default bundle file found");
     }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/src/version.h 
new/gwenhywfar-4.16.0beta/src/version.h
--- old/gwenhywfar-4.15.5beta/src/version.h     2016-07-14 22:00:10.000000000 
+0200
+++ new/gwenhywfar-4.16.0beta/src/version.h     2016-10-12 18:56:05.000000000 
+0200
@@ -31,12 +31,12 @@
 
 #define GWEN_VERSION_MAJOR 4
 #define GWENHYWFAR_VERSION_MAJOR 4
-#define GWENHYWFAR_VERSION_MINOR 15
-#define GWENHYWFAR_VERSION_PATCHLEVEL 5
+#define GWENHYWFAR_VERSION_MINOR 16
+#define GWENHYWFAR_VERSION_PATCHLEVEL 0
 #define GWENHYWFAR_VERSION_BUILD 0
 #define GWENHYWFAR_VERSION_TAG "beta"
-#define GWENHYWFAR_VERSION_FULL_STRING "4.15.5beta-0"
-#define GWENHYWFAR_VERSION_STRING "4.15.5"
+#define GWENHYWFAR_VERSION_FULL_STRING "4.16.0beta-0"
+#define GWENHYWFAR_VERSION_STRING "4.16.0"
 
 #define GWENHYWFAR_SO_EFFECTIVE 60
 #define GWENHYWFAR_SO_EFFECTIVE_STR "60"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/tools/gcttool/Makefile.am 
new/gwenhywfar-4.16.0beta/tools/gcttool/Makefile.am
--- old/gwenhywfar-4.15.5beta/tools/gcttool/Makefile.am 2014-07-23 
22:28:23.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/tools/gcttool/Makefile.am 2016-10-10 
21:51:13.000000000 +0200
@@ -19,6 +19,7 @@
   setkey.c \
   hashtree.c \
   checktree.c \
+  showpasswords.c \
   main.c
 
 gct_tool_LDADD=$(top_builddir)/src/$(gwenhywfar_internal_libname)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/tools/gcttool/Makefile.in 
new/gwenhywfar-4.16.0beta/tools/gcttool/Makefile.in
--- old/gwenhywfar-4.15.5beta/tools/gcttool/Makefile.in 2016-07-14 
21:59:52.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/tools/gcttool/Makefile.in 2016-10-12 
18:55:44.000000000 +0200
@@ -128,7 +128,7 @@
        create.$(OBJEXT) genkey.$(OBJEXT) showkey.$(OBJEXT) \
        showuser.$(OBJEXT) update.$(OBJEXT) setsignseq.$(OBJEXT) \
        setkey.$(OBJEXT) hashtree.$(OBJEXT) checktree.$(OBJEXT) \
-       main.$(OBJEXT)
+       showpasswords.$(OBJEXT) main.$(OBJEXT)
 gct_tool_OBJECTS = $(am_gct_tool_OBJECTS)
 am__DEPENDENCIES_1 =
 @IS_WINDOWS_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1)
@@ -476,6 +476,7 @@
   setkey.c \
   hashtree.c \
   checktree.c \
+  showpasswords.c \
   main.c
 
 gct_tool_LDADD = $(top_builddir)/src/$(gwenhywfar_internal_libname) \
@@ -600,6 +601,7 @@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/setkey.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/setsignseq.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/showkey.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/showpasswords.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/showuser.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/update.Po@am__quote@
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/tools/gcttool/globals.h 
new/gwenhywfar-4.16.0beta/tools/gcttool/globals.h
--- old/gwenhywfar-4.15.5beta/tools/gcttool/globals.h   2014-07-23 
22:28:23.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/tools/gcttool/globals.h   2016-10-10 
21:51:59.000000000 +0200
@@ -1,7 +1,4 @@
 /***************************************************************************
- $RCSfile$
- -------------------
- cvs         : $Id: globals.h 923 2005-11-19 03:35:10Z aquamaniac $
  begin       : Mon Mar 01 2004
  copyright   : (C) 2004 by Martin Preuss
  email       : mar...@libchipcard.de
@@ -57,6 +54,8 @@
 
 int checkTree(GWEN_DB_NODE *dbArgs, int argc, char **argv);
 
+int showPasswords(GWEN_DB_NODE *dbArgs, int argc, char **argv);
+
 
 #endif /* GCTTOOL_GLOBALS_H */
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/tools/gcttool/main.c 
new/gwenhywfar-4.16.0beta/tools/gcttool/main.c
--- old/gwenhywfar-4.15.5beta/tools/gcttool/main.c      2014-07-23 
22:28:23.000000000 +0200
+++ new/gwenhywfar-4.16.0beta/tools/gcttool/main.c      2016-10-10 
21:53:30.000000000 +0200
@@ -224,6 +224,9 @@
                             I18N("  update:\n"
                                  "    Update Crypt Token to newer version 
(e.g. OpenHBCI key"
                                  "files)\n\n"));
+    GWEN_Buffer_AppendString(ubuf,
+                            I18N("  showpasswords:\n"
+                                 "    Display passwords store in a 
GWEN_PASSWD_STORE file\n\n"));
 
     fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
     GWEN_Buffer_free(ubuf);
@@ -273,6 +276,9 @@
   else if (strcasecmp(cmd, "checkTree")==0) {
     rv=checkTree(db, argc, argv);
   }
+  else if (strcasecmp(cmd, "showpasswords")==0) {
+    rv=showPasswords(db, argc, argv);
+  }
   else {
     fprintf(stderr, "ERROR: Unknown command \"%s\".\n", cmd);
     rv=1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/gwenhywfar-4.15.5beta/tools/gcttool/showpasswords.c 
new/gwenhywfar-4.16.0beta/tools/gcttool/showpasswords.c
--- old/gwenhywfar-4.15.5beta/tools/gcttool/showpasswords.c     1970-01-01 
01:00:00.000000000 +0100
+++ new/gwenhywfar-4.16.0beta/tools/gcttool/showpasswords.c     2016-10-10 
21:55:33.000000000 +0200
@@ -0,0 +1,125 @@
+/***************************************************************************
+ begin       : Mon Oct 10 2016
+ copyright   : (C) 2016 by Martin Preuss
+ email       : mar...@libchipcard.de
+
+ ***************************************************************************
+ *          Please see toplevel file COPYING for license details           *
+ ***************************************************************************/
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include "globals.h"
+
+#include <gwenhywfar/debug.h>
+//#include <gwenhywfar/ct.h>
+//#include <gwenhywfar/ctplugin.h>
+//#include <gwenhywfar/text.h>
+#include <gwenhywfar/passwdstore.h>
+
+
+
+
+/*
+ * Show passwords from a GWEN_PASSWD_STORE file.
+ */
+
+
+int showPasswords(GWEN_DB_NODE *dbArgs, int argc, char **argv) {
+  GWEN_DB_NODE *db;
+  const char *file;
+  GWEN_PASSWD_STORE *sto;
+  GWEN_STRINGLIST *sl;
+  GWEN_STRINGLISTENTRY *se;
+  int rv;
+  const GWEN_ARGS args[]={
+  {
+    GWEN_ARGS_FLAGS_HAS_ARGUMENT, /* flags */
+    GWEN_ArgsType_Char,           /* type */
+    "file",                       /* name */
+    1,                            /* minnum */
+    1,                            /* maxnum */
+    "f",                          /* short option */
+    "file",                       /* long option */
+    "Specify the password file",     /* short description */
+    "Specify the password file"      /* long description */
+  },
+  {
+    GWEN_ARGS_FLAGS_HELP | GWEN_ARGS_FLAGS_LAST, /* flags */
+    GWEN_ArgsType_Int,             /* type */
+    "help",                       /* name */
+    0,                            /* minnum */
+    0,                            /* maxnum */
+    "h",                          /* short option */
+    "help",                       /* long option */
+    "Show this help screen",      /* short description */
+    "Show this help screen"       /* long description */
+  }
+  };
+
+  db=GWEN_DB_GetGroup(dbArgs, GWEN_DB_FLAGS_DEFAULT, "local");
+  rv=GWEN_Args_Check(argc, argv, 1,
+                     GWEN_ARGS_MODE_ALLOW_FREEPARAM,
+                     args,
+                     db);
+  if (rv==GWEN_ARGS_RESULT_ERROR) {
+    fprintf(stderr, "ERROR: Could not parse arguments\n");
+    return 1;
+  }
+  else if (rv==GWEN_ARGS_RESULT_HELP) {
+    GWEN_BUFFER *ubuf;
+
+    ubuf=GWEN_Buffer_new(0, 1024, 0, 1);
+    if (GWEN_Args_Usage(args, ubuf, GWEN_ArgsOutType_Txt)) {
+      fprintf(stderr, "ERROR: Could not create help string\n");
+      return 1;
+    }
+    fprintf(stderr, "%s\n", GWEN_Buffer_GetStart(ubuf));
+    GWEN_Buffer_free(ubuf);
+    return 0;
+  }
+
+  file=GWEN_DB_GetCharValue(db, "file", 0, NULL);
+  assert(file);
+
+  sto=GWEN_PasswordStore_new(file);
+  sl=GWEN_StringList_new();
+
+  rv=GWEN_PasswordStore_GetTokenList(sto, sl);
+  if (rv<0) {
+    fprintf(stderr, "ERROR: Could not get token list: %d\n", rv);
+    GWEN_PasswordStore_free(sto);
+    return 3;
+  }
+
+  se=GWEN_StringList_FirstEntry(sl);
+  while(se) {
+    const char *s;
+
+    s=GWEN_StringListEntry_Data(se);
+    if (s && *s) {
+      char passwd[512];
+
+      rv=GWEN_PasswordStore_GetPassword(sto, s, passwd, 1, sizeof(passwd)-1);
+      if (rv<0) {
+       fprintf(stderr, "ERROR: Could not get password for token \"%s\": %d\n", 
s, rv);
+       GWEN_PasswordStore_free(sto);
+       return 3;
+      }
+      passwd[sizeof(passwd)-1]=0;
+      fprintf(stdout, "\"%s\" -> \"%s\"\n", s, passwd);
+      memset(passwd, 0, sizeof(passwd));
+    }
+    se=GWEN_StringListEntry_Next(se);
+  }
+  GWEN_StringList_free(sl);
+
+  GWEN_PasswordStore_free(sto);
+
+  return 0;
+}
+
+
+


Reply via email to