Merged branch dev-0.4
authorMoritz Schulte <mo@g10code.com>
Fri, 8 Aug 2008 13:30:51 +0000 (13:30 +0000)
committerMoritz Schulte <mo@g10code.com>
Fri, 8 Aug 2008 13:30:51 +0000 (13:30 +0000)
191 files changed:
ABOUT-NLS [new file with mode: 0644]
BUGS [new file with mode: 0644]
ChangeLog
EXPERIMENTAL [new file with mode: 0644]
INSTALL
MIGRATION [new file with mode: 0644]
Makefile.am
NEWS
TODO [new file with mode: 0644]
acinclude.m4
am/ChangeLog [new file with mode: 0644]
am/Makefile.am [new file with mode: 0644]
am/cmacros.am [new file with mode: 0644]
autogen.sh [new file with mode: 0755]
conf/ChangeLog
conf/Makefile.am
conf/README.keys [new file with mode: 0644]
conf/poldi.conf.skel [new file with mode: 0644]
conf/users.skel [new file with mode: 0644]
config.rpath [new file with mode: 0755]
configure.ac
doc/ChangeLog
doc/mdate-sh
doc/poldi.texi
doc/texinfo.tex
m4/ChangeLog [new file with mode: 0644]
m4/Makefile.am [new file with mode: 0644]
m4/gettext.m4 [new file with mode: 0644]
m4/gpg-error.m4 [new file with mode: 0644]
m4/iconv.m4 [new file with mode: 0644]
m4/ksba.m4 [new file with mode: 0644]
m4/lib-ld.m4 [new file with mode: 0644]
m4/lib-link.m4 [new file with mode: 0644]
m4/lib-prefix.m4 [new file with mode: 0644]
m4/libassuan.m4 [new file with mode: 0644]
m4/libgcrypt.m4 [new file with mode: 0644]
m4/nls.m4 [new file with mode: 0644]
m4/po.m4 [new file with mode: 0644]
m4/progtest.m4 [new file with mode: 0644]
po/ChangeLog [new file with mode: 0644]
po/Makefile.in.in [new file with mode: 0644]
po/Makevars [new file with mode: 0644]
po/POTFILES.in [new file with mode: 0644]
po/Rules-quot [new file with mode: 0644]
po/boldquot.sed [new file with mode: 0644]
po/de.po [new file with mode: 0644]
po/en@boldquot.header [new file with mode: 0644]
po/en@quot.header [new file with mode: 0644]
po/insert-header.sin [new file with mode: 0644]
po/poldi.pot [new file with mode: 0644]
po/quot.sed [new file with mode: 0644]
po/remove-potcdate.sin [new file with mode: 0644]
src/ChangeLog
src/Makefile.am
src/README [moved from src/libscd/libjnlib-config.h with 100% similarity]
src/assuan/ChangeLog [new file with mode: 0644]
src/assuan/Makefile.am [new file with mode: 0644]
src/assuan/README [new file with mode: 0644]
src/assuan/assuan-buffer.c [new file with mode: 0644]
src/assuan/assuan-client.c [new file with mode: 0644]
src/assuan/assuan-connect.c [new file with mode: 0644]
src/assuan/assuan-defs.h [new file with mode: 0644]
src/assuan/assuan-handler.c [new file with mode: 0644]
src/assuan/assuan-inquire.c [new file with mode: 0644]
src/assuan/assuan-io-pth.c [new file with mode: 0644]
src/assuan/assuan-io.c [new file with mode: 0644]
src/assuan/assuan-listen.c [new file with mode: 0644]
src/assuan/assuan-logging.c [new file with mode: 0644]
src/assuan/assuan-pipe-connect.c [new file with mode: 0644]
src/assuan/assuan-pipe-server.c [new file with mode: 0644]
src/assuan/assuan-socket-connect.c [new file with mode: 0644]
src/assuan/assuan-socket-server.c [new file with mode: 0644]
src/assuan/assuan-socket.c [new file with mode: 0644]
src/assuan/assuan-uds.c [new file with mode: 0644]
src/assuan/assuan-util.c [new file with mode: 0644]
src/assuan/assuan.h [new file with mode: 0644]
src/assuan/funopen.c [new file with mode: 0644]
src/assuan/isascii.c [new file with mode: 0644]
src/assuan/libassuan-config.in [new file with mode: 0644]
src/assuan/libassuan.m4 [new file with mode: 0644]
src/assuan/memrchr.c [new file with mode: 0644]
src/assuan/mkerrors [new file with mode: 0755]
src/assuan/putc_unlocked.c [new file with mode: 0644]
src/assuan/setenv.c [new file with mode: 0644]
src/assuan/stpcpy.c [new file with mode: 0644]
src/common/ChangeLog [deleted file]
src/common/card.c [deleted file]
src/common/card.h [deleted file]
src/common/options.c [deleted file]
src/common/options.h [deleted file]
src/common/support.c [deleted file]
src/common/support.h [deleted file]
src/common/usersdb.c [deleted file]
src/common/usersdb.h [deleted file]
src/ctrl/ChangeLog
src/ctrl/Makefile.am
src/ctrl/poldi-ctrl.c
src/jnlib/ChangeLog [deleted file]
src/jnlib/README [deleted file]
src/jnlib/argparse.c [deleted file]
src/jnlib/argparse.h [deleted file]
src/jnlib/dotlock.c [deleted file]
src/jnlib/dotlock.h [deleted file]
src/jnlib/libjnlib-config.h [deleted file]
src/jnlib/logging.c [deleted file]
src/jnlib/logging.h [deleted file]
src/jnlib/mischelp.h [deleted file]
src/jnlib/stringhelp.c [deleted file]
src/jnlib/stringhelp.h [deleted file]
src/jnlib/strlist.c [deleted file]
src/jnlib/strlist.h [deleted file]
src/jnlib/types.h [deleted file]
src/jnlib/utf8conv.c [deleted file]
src/jnlib/utf8conv.h [deleted file]
src/jnlib/xmalloc.c [deleted file]
src/jnlib/xmalloc.h [deleted file]
src/libscd/ChangeLog [deleted file]
src/libscd/README [deleted file]
src/libscd/apdu.c [deleted file]
src/libscd/apdu.h [deleted file]
src/libscd/ccid-driver.c [deleted file]
src/libscd/ccid-driver.h [deleted file]
src/libscd/dynload.h [deleted file]
src/libscd/init.c [deleted file]
src/libscd/iso7816.c [deleted file]
src/libscd/iso7816.h [deleted file]
src/libscd/opt.c [deleted file]
src/libscd/scd.h [deleted file]
src/libscd/tlv.c [deleted file]
src/libscd/tlv.h [deleted file]
src/pam-test/ChangeLog [new file with mode: 0644]
src/pam-test/Makefile.am [new file with mode: 0644]
src/pam-test/README [new file with mode: 0644]
src/pam-test/pam-test.c [new file with mode: 0644]
src/pam/ChangeLog
src/pam/Makefile.am
src/pam/auth-method-localdb/ChangeLog [new file with mode: 0644]
src/pam/auth-method-localdb/Makefile.am [new file with mode: 0644]
src/pam/auth-method-localdb/auth-localdb.c [new file with mode: 0644]
src/pam/auth-method-localdb/defs-localdb.h [new file with mode: 0644]
src/pam/auth-method-localdb/key-lookup.c [new file with mode: 0644]
src/pam/auth-method-localdb/key-lookup.h [new file with mode: 0644]
src/pam/auth-method-localdb/usersdb.c [new file with mode: 0644]
src/pam/auth-method-localdb/usersdb.h [new file with mode: 0644]
src/pam/auth-method-x509/ChangeLog [new file with mode: 0644]
src/pam/auth-method-x509/Makefile.am [moved from src/jnlib/Makefile.am with 54% similarity]
src/pam/auth-method-x509/auth-x509.c [new file with mode: 0644]
src/pam/auth-method-x509/dirmngr.c [new file with mode: 0644]
src/pam/auth-method-x509/dirmngr.h [new file with mode: 0644]
src/pam/auth-methods.h [new file with mode: 0644]
src/pam/auth-support/ChangeLog [new file with mode: 0644]
src/pam/auth-support/Makefile.am [new file with mode: 0644]
src/pam/auth-support/conv.c [new file with mode: 0644]
src/pam/auth-support/conv.h [new file with mode: 0644]
src/pam/auth-support/ctx.h [new file with mode: 0644]
src/pam/auth-support/getpin-cb.c [new file with mode: 0644]
src/pam/auth-support/getpin-cb.h [new file with mode: 0644]
src/pam/auth-support/pam-util.c [new file with mode: 0644]
src/pam/auth-support/pam-util.h [new file with mode: 0644]
src/pam/auth-support/wait-for-card.c [new file with mode: 0644]
src/pam/auth-support/wait-for-card.h [new file with mode: 0644]
src/pam/pam_poldi.c
src/poldi.h [new file with mode: 0644]
src/scd/ChangeLog [new file with mode: 0644]
src/scd/Makefile.am [new file with mode: 0644]
src/scd/README [new file with mode: 0644]
src/scd/scd.c [new file with mode: 0644]
src/scd/scd.h [new file with mode: 0644]
src/util/ChangeLog [new file with mode: 0644]
src/util/Makefile.am [moved from src/common/Makefile.am with 57% similarity]
src/util/convert.c [new file with mode: 0644]
src/util/defs.h.in [moved from src/common/defs.h.in with 64% similarity]
src/util/filenames.c [new file with mode: 0644]
src/util/filenames.h [new file with mode: 0644]
src/util/membuf.c [new file with mode: 0644]
src/util/membuf.h [new file with mode: 0644]
src/util/simplelog.c [new file with mode: 0644]
src/util/simplelog.h [new file with mode: 0644]
src/util/simpleparse.c [new file with mode: 0644]
src/util/simpleparse.h [new file with mode: 0644]
src/util/support.c [new file with mode: 0644]
src/util/support.h [new file with mode: 0644]
src/util/util-local.h [new file with mode: 0644]
src/util/util.h [new file with mode: 0644]
tests/ChangeLog [new file with mode: 0644]
tests/Makefile.am [moved from src/libscd/Makefile.am with 64% similarity]
tests/README [new file with mode: 0644]
tests/pam-test.c [new file with mode: 0644]
tests/parse-test.c [new file with mode: 0644]
tools/Makefile.am [new file with mode: 0644]
tools/set-login-with-default-pin.sh [new file with mode: 0755]

diff --git a/ABOUT-NLS b/ABOUT-NLS
new file mode 100644 (file)
index 0000000..83bc72e
--- /dev/null
+++ b/ABOUT-NLS
@@ -0,0 +1,1068 @@
+1 Notes on the Free Translation Project
+***************************************
+
+Free software is going international!  The Free Translation Project is
+a way to get maintainers of free software, translators, and users all
+together, so that free software will gradually become able to speak many
+languages.  A few packages already provide translations for their
+messages.
+
+   If you found this `ABOUT-NLS' file inside a distribution, you may
+assume that the distributed package does use GNU `gettext' internally,
+itself available at your nearest GNU archive site.  But you do _not_
+need to install GNU `gettext' prior to configuring, installing or using
+this package with messages translated.
+
+   Installers will find here some useful hints.  These notes also
+explain how users should proceed for getting the programs to use the
+available translations.  They tell how people wanting to contribute and
+work on translations can contact the appropriate team.
+
+   When reporting bugs in the `intl/' directory or bugs which may be
+related to internationalization, you should tell about the version of
+`gettext' which is used.  The information can be found in the
+`intl/VERSION' file, in internationalized packages.
+
+1.1 Quick configuration advice
+==============================
+
+If you want to exploit the full power of internationalization, you
+should configure it using
+
+     ./configure --with-included-gettext
+
+to force usage of internationalizing routines provided within this
+package, despite the existence of internationalizing capabilities in the
+operating system where this package is being installed.  So far, only
+the `gettext' implementation in the GNU C library version 2 provides as
+many features (such as locale alias, message inheritance, automatic
+charset conversion or plural form handling) as the implementation here.
+It is also not possible to offer this additional functionality on top
+of a `catgets' implementation.  Future versions of GNU `gettext' will
+very likely convey even more functionality.  So it might be a good idea
+to change to GNU `gettext' as soon as possible.
+
+   So you need _not_ provide this option if you are using GNU libc 2 or
+you have installed a recent copy of the GNU gettext package with the
+included `libintl'.
+
+1.2 INSTALL Matters
+===================
+
+Some packages are "localizable" when properly installed; the programs
+they contain can be made to speak your own native language.  Most such
+packages use GNU `gettext'.  Other packages have their own ways to
+internationalization, predating GNU `gettext'.
+
+   By default, this package will be installed to allow translation of
+messages.  It will automatically detect whether the system already
+provides the GNU `gettext' functions.  If not, the included GNU
+`gettext' library will be used.  This library is wholly contained
+within this package, usually in the `intl/' subdirectory, so prior
+installation of the GNU `gettext' package is _not_ required.
+Installers may use special options at configuration time for changing
+the default behaviour.  The commands:
+
+     ./configure --with-included-gettext
+     ./configure --disable-nls
+
+will, respectively, bypass any pre-existing `gettext' to use the
+internationalizing routines provided within this package, or else,
+_totally_ disable translation of messages.
+
+   When you already have GNU `gettext' installed on your system and run
+configure without an option for your new package, `configure' will
+probably detect the previously built and installed `libintl.a' file and
+will decide to use this.  This might not be desirable.  You should use
+the more recent version of the GNU `gettext' library.  I.e. if the file
+`intl/VERSION' shows that the library which comes with this package is
+more recent, you should use
+
+     ./configure --with-included-gettext
+
+to prevent auto-detection.
+
+   The configuration process will not test for the `catgets' function
+and therefore it will not be used.  The reason is that even an
+emulation of `gettext' on top of `catgets' could not provide all the
+extensions of the GNU `gettext' library.
+
+   Internationalized packages usually have many `po/LL.po' files, where
+LL gives an ISO 639 two-letter code identifying the language.  Unless
+translations have been forbidden at `configure' time by using the
+`--disable-nls' switch, all available translations are installed
+together with the package.  However, the environment variable `LINGUAS'
+may be set, prior to configuration, to limit the installed set.
+`LINGUAS' should then contain a space separated list of two-letter
+codes, stating which languages are allowed.
+
+1.3 Using This Package
+======================
+
+As a user, if your language has been installed for this package, you
+only have to set the `LANG' environment variable to the appropriate
+`LL_CC' combination.  If you happen to have the `LC_ALL' or some other
+`LC_xxx' environment variables set, you should unset them before
+setting `LANG', otherwise the setting of `LANG' will not have the
+desired effect.  Here `LL' is an ISO 639 two-letter language code, and
+`CC' is an ISO 3166 two-letter country code.  For example, let's
+suppose that you speak German and live in Germany.  At the shell
+prompt, merely execute `setenv LANG de_DE' (in `csh'),
+`export LANG; LANG=de_DE' (in `sh') or `export LANG=de_DE' (in `bash').
+This can be done from your `.login' or `.profile' file, once and for
+all.
+
+   You might think that the country code specification is redundant.
+But in fact, some languages have dialects in different countries.  For
+example, `de_AT' is used for Austria, and `pt_BR' for Brazil.  The
+country code serves to distinguish the dialects.
+
+   The locale naming convention of `LL_CC', with `LL' denoting the
+language and `CC' denoting the country, is the one use on systems based
+on GNU libc.  On other systems, some variations of this scheme are
+used, such as `LL' or `LL_CC.ENCODING'.  You can get the list of
+locales supported by your system for your language by running the
+command `locale -a | grep '^LL''.
+
+   Not all programs have translations for all languages.  By default, an
+English message is shown in place of a nonexistent translation.  If you
+understand other languages, you can set up a priority list of languages.
+This is done through a different environment variable, called
+`LANGUAGE'.  GNU `gettext' gives preference to `LANGUAGE' over `LANG'
+for the purpose of message handling, but you still need to have `LANG'
+set to the primary language; this is required by other parts of the
+system libraries.  For example, some Swedish users who would rather
+read translations in German than English for when Swedish is not
+available, set `LANGUAGE' to `sv:de' while leaving `LANG' to `sv_SE'.
+
+   Special advice for Norwegian users: The language code for Norwegian
+bokma*l changed from `no' to `nb' recently (in 2003).  During the
+transition period, while some message catalogs for this language are
+installed under `nb' and some older ones under `no', it's recommended
+for Norwegian users to set `LANGUAGE' to `nb:no' so that both newer and
+older translations are used.
+
+   In the `LANGUAGE' environment variable, but not in the `LANG'
+environment variable, `LL_CC' combinations can be abbreviated as `LL'
+to denote the language's main dialect.  For example, `de' is equivalent
+to `de_DE' (German as spoken in Germany), and `pt' to `pt_PT'
+(Portuguese as spoken in Portugal) in this context.
+
+1.4 Translating Teams
+=====================
+
+For the Free Translation Project to be a success, we need interested
+people who like their own language and write it well, and who are also
+able to synergize with other translators speaking the same language.
+Each translation team has its own mailing list.  The up-to-date list of
+teams can be found at the Free Translation Project's homepage,
+`http://translationproject.org/', in the "Teams" area.
+
+   If you'd like to volunteer to _work_ at translating messages, you
+should become a member of the translating team for your own language.
+The subscribing address is _not_ the same as the list itself, it has
+`-request' appended.  For example, speakers of Swedish can send a
+message to `sv-request@li.org', having this message body:
+
+     subscribe
+
+   Keep in mind that team members are expected to participate
+_actively_ in translations, or at solving translational difficulties,
+rather than merely lurking around.  If your team does not exist yet and
+you want to start one, or if you are unsure about what to do or how to
+get started, please write to `coordinator@translationproject.org' to
+reach the coordinator for all translator teams.
+
+   The English team is special.  It works at improving and uniformizing
+the terminology in use.  Proven linguistic skills are praised more than
+programming skills, here.
+
+1.5 Available Packages
+======================
+
+Languages are not equally supported in all packages.  The following
+matrix shows the current state of internationalization, as of November
+2007.  The matrix shows, in regard of each package, for which languages
+PO files have been submitted to translation coordination, with a
+translation percentage of at least 50%.
+
+     Ready PO files       af am ar az be bg bs ca cs cy da de el en en_GB eo
+                        +----------------------------------------------------+
+     Compendium         |                      []       [] []        []      |
+     a2ps               |             []                [] [] []     []      |
+     aegis              |                                  ()                |
+     ant-phone          |                                  ()                |
+     anubis             |                                  []                |
+     ap-utils           |                                                    |
+     aspell             |                      [] []    [] []        []      |
+     bash               |                                                 [] |
+     bfd                |                                                    |
+     bibshelf           |                                  []                |
+     binutils           |                                                    |
+     bison              |                               [] []                |
+     bison-runtime      |                                  []                |
+     bluez-pin          | []                      []       [] []          [] |
+     cflow              |                               []                   |
+     clisp              |                               [] []    []          |
+     console-tools      |                         []       []                |
+     coreutils          |                []    [] []       []                |
+     cpio               |                                                    |
+     cpplib             |                      []       [] []                |
+     cryptonit          |                                  []                |
+     dialog             |                                                    |
+     diffutils          |                      [] []    [] [] []          [] |
+     doodle             |                                  []                |
+     e2fsprogs          |                         []       []                |
+     enscript           |                      []       [] []        []      |
+     fetchmail          |                      []       [] () []     []      |
+     findutils          |                []                                  |
+     findutils_stable   |                []    []       []                   |
+     flex               |                      []       [] []                |
+     fslint             |                                                    |
+     gas                |                                                    |
+     gawk               |                      []       [] []                |
+     gcal               |                      []                            |
+     gcc                |                                  []                |
+     gettext-examples   | []                   []          [] []          [] |
+     gettext-runtime    |             []       []       [] []             [] |
+     gettext-tools      |                      []          []                |
+     gip                |                []                                  |
+     gliv               |                []                []                |
+     glunarclock        |                []                                  |
+     gmult              | []                               []                |
+     gnubiff            |                                  ()                |
+     gnucash            |                      [] []       () ()     []      |
+     gnuedu             |                                                    |
+     gnulib             |                []                                  |
+     gnunet             |                                                    |
+     gnunet-gtk         |                                                    |
+     gnutls             |                                  []                |
+     gpe-aerial         |                         []       []                |
+     gpe-beam           |                         []       []                |
+     gpe-calendar       |                                                    |
+     gpe-clock          |                         []       []                |
+     gpe-conf           |                         []       []                |
+     gpe-contacts       |                                                    |
+     gpe-edit           |                         []                         |
+     gpe-filemanager    |                                                    |
+     gpe-go             |                         []                         |
+     gpe-login          |                         []       []                |
+     gpe-ownerinfo      |                         []       []                |
+     gpe-package        |                                                    |
+     gpe-sketchbook     |                         []       []                |
+     gpe-su             |                         []       []                |
+     gpe-taskmanager    |                         []       []                |
+     gpe-timesheet      |                         []                         |
+     gpe-today          |                         []       []                |
+     gpe-todo           |                                                    |
+     gphoto2            |                         []    [] []        []      |
+     gprof              |                               [] []                |
+     gpsdrive           |                                                    |
+     gramadoir          | []                               []                |
+     grep               |                         []                      [] |
+     gretl              |                                  ()                |
+     gsasl              |                                                    |
+     gss                |                                                    |
+     gst-plugins-bad    |                []             []                   |
+     gst-plugins-base   |                []             []                   |
+     gst-plugins-good   |                []    []       []                   |
+     gst-plugins-ugly   |                []             []                   |
+     gstreamer          | []             []    [] []    [] []        []      |
+     gtick              |                                  ()                |
+     gtkam              |             []          []    [] []                |
+     gtkorphan          |                []                []                |
+     gtkspell           |             []                   [] []          [] |
+     gutenprint         |                               []                   |
+     hello              |                []    []       [] []             [] |
+     herrie             |                                  []                |
+     hylafax            |                                                    |
+     idutils            |                               [] []                |
+     indent             |                      [] []       []             [] |
+     iso_15924          |                                                    |
+     iso_3166           |       []    [] [] [] [] [] [] [] [] []          [] |
+     iso_3166_2         |                                                    |
+     iso_4217           |                         []    [] []                |
+     iso_639            |                         []    [] []             [] |
+     jpilot             |                         []                         |
+     jtag               |                                                    |
+     jwhois             |                                                    |
+     kbd                |                         []    [] [] []             |
+     keytouch           |                      []          []                |
+     keytouch-editor    |                                  []                |
+     keytouch-keyboa... |                      []                            |
+     latrine            |                                  ()                |
+     ld                 |                               []                   |
+     leafpad            |                []    [] []       [] []             |
+     libc               |                      [] []    [] []                |
+     libexif            |                                  []                |
+     libextractor       |                                  []                |
+     libgpewidget       |                         []    [] []                |
+     libgpg-error       |                                  []                |
+     libgphoto2         |                               [] []                |
+     libgphoto2_port    |                               [] []                |
+     libgsasl           |                                                    |
+     libiconv           |                                  []             [] |
+     libidn             |                         []    []                [] |
+     lifelines          |                               [] ()                |
+     lilypond           |                                  []                |
+     lingoteach         |                                                    |
+     lprng              |                                                    |
+     lynx               |                      [] []    [] []                |
+     m4                 |                         []    [] [] []             |
+     mailfromd          |                                                    |
+     mailutils          |                      []                            |
+     make               |                               [] []                |
+     man-db             |                      []       [] []                |
+     minicom            |                         []    [] []                |
+     nano               |                []    []          []                |
+     opcodes            |                                  []                |
+     parted             |                         []       []                |
+     pilot-qof          |                                                    |
+     popt               |                         []    [] []                |
+     psmisc             |                []                                  |
+     pwdutils           |                                                    |
+     qof                |                                                    |
+     radius             |                      []                            |
+     recode             |             []       []       [] [] []          [] |
+     rpm                |                               []                   |
+     screem             |                                                    |
+     scrollkeeper       |          [] []       [] [] [] [] []        []      |
+     sed                |                      []          []             [] |
+     shared-mime-info   |                []    [] []    [] () []     []   [] |
+     sharutils          |                []    [] []    [] [] []             |
+     shishi             |                                                    |
+     skencil            |                               [] ()                |
+     solfege            |                                                    |
+     soundtracker       |                               [] []                |
+     sp                 |                                  []                |
+     system-tools-ba... |       []       [] [] [] []    [] [] []     []      |
+     tar                |                []                []                |
+     texinfo            |                               [] []             [] |
+     tin                |                                  ()        ()      |
+     tuxpaint           | []             []             [] []        []   [] |
+     unicode-han-tra... |                                                    |
+     unicode-transla... |                                                    |
+     util-linux         |                      [] []    [] []                |
+     util-linux-ng      |                      [] []    [] []                |
+     vorbis-tools       |                         []                         |
+     wastesedge         |                                  ()                |
+     wdiff              |                      []       [] []        []      |
+     wget               |                      [] []       []                |
+     xchat              |             [] []    [] []       [] []     []      |
+     xkeyboard-config   |                []                                  |
+     xpad               |                []             []           []      |
+                        +----------------------------------------------------+
+                          af am ar az be bg bs ca cs cy da de el en en_GB eo
+                           6  0  2  1  8 26  2 40 48  2 56 88 15  1  15   18
+
+                          es et eu fa fi fr  ga gl gu he hi hr hu id is it
+                        +--------------------------------------------------+
+     Compendium         | []          [] []  []                []          |
+     a2ps               |    []       [] []                             () |
+     aegis              |                                                  |
+     ant-phone          |                []                                |
+     anubis             |                []                                |
+     ap-utils           |             [] []                                |
+     aspell             |                []  []                         [] |
+     bash               | []                                               |
+     bfd                | []          []                                   |
+     bibshelf           | []                 []                         [] |
+     binutils           | []          [] []                                |
+     bison              | [] []          []  []                   []    [] |
+     bison-runtime      |    []          []  []                   []    [] |
+     bluez-pin          |             [] []  []                [] []       |
+     cflow              |                    []                            |
+     clisp              | []             []                                |
+     console-tools      |                                                  |
+     coreutils          | [] []       [] []  []                []          |
+     cpio               | []             []  []                            |
+     cpplib             | []             []                                |
+     cryptonit          |                []                                |
+     dialog             |       []           []                         [] |
+     diffutils          | []          [] []  [] []    []       [] []    [] |
+     doodle             |                    []                         [] |
+     e2fsprogs          | []             []                             [] |
+     enscript           |                []  []             []             |
+     fetchmail          | []                                               |
+     findutils          |    []              []                []          |
+     findutils_stable   |    []          []  []                []          |
+     flex               | []             []  []                            |
+     fslint             |                                                  |
+     gas                | []             []                                |
+     gawk               | []             []  []       []                () |
+     gcal               | []             []                                |
+     gcc                | []                                               |
+     gettext-examples   | []          [] []  []                [] []    [] |
+     gettext-runtime    | []          [] []  []                   []    [] |
+     gettext-tools      | []    []       []                             [] |
+     gip                | []    []       []  []                            |
+     gliv               |                ()                                |
+     glunarclock        |             []     []                []          |
+     gmult              |       []       []                             [] |
+     gnubiff            |                ()                             () |
+     gnucash            | ()             ()                    ()          |
+     gnuedu             | []                                               |
+     gnulib             | [] []              []                            |
+     gnunet             |                                                  |
+     gnunet-gtk         |                                                  |
+     gnutls             |                                                  |
+     gpe-aerial         | []             []                                |
+     gpe-beam           | []             []                                |
+     gpe-calendar       |                                                  |
+     gpe-clock          | []          [] []                    []          |
+     gpe-conf           |                []                                |
+     gpe-contacts       | []             []                                |
+     gpe-edit           | []             []                    [] []       |
+     gpe-filemanager    | []                                               |
+     gpe-go             | []             []                    []          |
+     gpe-login          | []             []                    []          |
+     gpe-ownerinfo      | []          [] []                    [] []       |
+     gpe-package        | []                                               |
+     gpe-sketchbook     | []             []                                |
+     gpe-su             | []          [] []                    []          |
+     gpe-taskmanager    | []          [] []                                |
+     gpe-timesheet      | []             []  []                   []       |
+     gpe-today          | []          [] []  []                            |
+     gpe-todo           | []                                               |
+     gphoto2            | []          [] []                    []       [] |
+     gprof              | []          [] []  []                   []       |
+     gpsdrive           |    []                                            |
+     gramadoir          |                []  []                            |
+     grep               | []          []     []                            |
+     gretl              | []    []       []                             () |
+     gsasl              |                    []                   []       |
+     gss                |                []  []                            |
+     gst-plugins-bad    | []          []                       []       [] |
+     gst-plugins-base   | []          []                       []       [] |
+     gst-plugins-good   | []    []    []                       []       [] |
+     gst-plugins-ugly   | []          []                       []       [] |
+     gstreamer          |             []                       []       [] |
+     gtick              |             []     []                         [] |
+     gtkam              | []             []                    []       [] |
+     gtkorphan          |                []                             [] |
+     gtkspell           | []    []    [] []  []                []       [] |
+     gutenprint         |                                      []          |
+     hello              | [] [] [] [] [] []  [] []    []    [] [] []    [] |
+     herrie             |                    []                            |
+     hylafax            |                                                  |
+     idutils            |                []  []                [] []    [] |
+     indent             | [] [] []    [] []  [] []             [] []    [] |
+     iso_15924          |                []                                |
+     iso_3166           | [] [] []    [] []     [] [] [] [] [] [] []    [] |
+     iso_3166_2         |                []                                |
+     iso_4217           | [] []       [] []                    []       [] |
+     iso_639            | []       [] [] []  []                []          |
+     jpilot             | []             []                                |
+     jtag               |                []                                |
+     jwhois             | []             []                    [] []    [] |
+     kbd                | []             []                                |
+     keytouch           |                []  []                         [] |
+     keytouch-editor    |                    []                            |
+     keytouch-keyboa... |                    []                         [] |
+     latrine            |                    []                         [] |
+     ld                 | []          [] []  []                            |
+     leafpad            | []             []  []       []       []       [] |
+     libc               | []          [] []     []             []          |
+     libexif            | []                                               |
+     libextractor       |                    []                            |
+     libgpewidget       | []             []  []                [] []       |
+     libgpg-error       |                []                                |
+     libgphoto2         | []             []                             [] |
+     libgphoto2_port    |                []                             [] |
+     libgsasl           |                []  []                            |
+     libiconv           |    []       []     []                            |
+     libidn             |                []                             [] |
+     lifelines          |                ()                                |
+     lilypond           | []          [] []                                |
+     lingoteach         |                []                       []    [] |
+     lprng              |                                                  |
+     lynx               |    []                                []       [] |
+     m4                 |                []  [] []                []       |
+     mailfromd          |                                                  |
+     mailutils          | []             []                                |
+     make               | []          [] []  [] []    []    []    []       |
+     man-db             |                                               [] |
+     minicom            | []          [] []                    []          |
+     nano               | []    []       []  [] []             []       [] |
+     opcodes            | []          [] []  []                            |
+     parted             |                []                       []    [] |
+     pilot-qof          |                                                  |
+     popt               |                []  [] []                   []    |
+     psmisc             |                                      []       [] |
+     pwdutils           |                                                  |
+     qof                |                                         []       |
+     radius             | []             []                                |
+     recode             | []             []  [] []    []       [] []    [] |
+     rpm                |                []                       []       |
+     screem             |                                                  |
+     scrollkeeper       | []          []                       []          |
+     sed                | [] []          []  []                []          |
+     shared-mime-info   | []    []    [] []                    []       [] |
+     sharutils          | [] []       [] []  [] []             []       [] |
+     shishi             |                []                                |
+     skencil            | []             []                                |
+     solfege            |                                               [] |
+     soundtracker       | []             []                             [] |
+     sp                 |                []                                |
+     system-tools-ba... | []    []    [] []  []             [] [] []    [] |
+     tar                |    [] []    []     []                []          |
+     texinfo            |                []           []       []          |
+     tin                |    []          ()                                |
+     tuxpaint           |                    []                []          |
+     unicode-han-tra... |                                                  |
+     unicode-transla... |                []  []                            |
+     util-linux         | [] []       [] []                    [] []    [] |
+     util-linux-ng      | [] []       [] []                    [] []    [] |
+     vorbis-tools       |                                                  |
+     wastesedge         |                ()                                |
+     wdiff              | [] []          []  [] []             [] []    [] |
+     wget               |    []       [] []  []             [] [] []    [] |
+     xchat              | []          [] []        []    []    []       [] |
+     xkeyboard-config   | []          [] []                    []          |
+     xpad               | []                 []                []          |
+                        +--------------------------------------------------+
+                          es et eu fa fi fr  ga gl gu he hi hr hu id is it
+                          85 22 14  2 48 101 61 12  2  8  2  6 53 29  1 52
+
+                          ja ka ko ku ky lg lt lv mk mn ms mt nb ne nl  nn
+                        +--------------------------------------------------+
+     Compendium         |                                           []     |
+     a2ps               |       ()                      []          []     |
+     aegis              |                                           ()     |
+     ant-phone          |                                           []     |
+     anubis             |                               []    []    []     |
+     ap-utils           |                               []                 |
+     aspell             |                            []             []     |
+     bash               |                                           []     |
+     bfd                |                                                  |
+     bibshelf           |                               []                 |
+     binutils           |                                                  |
+     bison              |                               []    []    []     |
+     bison-runtime      |                               []    []    []     |
+     bluez-pin          |          []                   []          []     |
+     cflow              |                                                  |
+     clisp              |                                           []     |
+     console-tools      |                                                  |
+     coreutils          |                                           []     |
+     cpio               |                                           []     |
+     cpplib             |                                           []     |
+     cryptonit          |                                           []     |
+     dialog             |                               []          []     |
+     diffutils          | []                            []          []     |
+     doodle             |                                                  |
+     e2fsprogs          |                                           []     |
+     enscript           |                                           []     |
+     fetchmail          | []                                        []     |
+     findutils          |                                           []     |
+     findutils_stable   |                                           []     |
+     flex               |       []                                  []     |
+     fslint             |                                                  |
+     gas                |                                                  |
+     gawk               | []                                        []     |
+     gcal               |                                                  |
+     gcc                |                                                  |
+     gettext-examples   | []                            []          []     |
+     gettext-runtime    | []    []                                  []     |
+     gettext-tools      | []    []                                         |
+     gip                |                               []          []     |
+     gliv               |                                           []     |
+     glunarclock        |                               []          []     |
+     gmult              | []                            []          []     |
+     gnubiff            |                                                  |
+     gnucash            | ()                                  () ()        |
+     gnuedu             |                                                  |
+     gnulib             | []                                        []     |
+     gnunet             |                                                  |
+     gnunet-gtk         |                                                  |
+     gnutls             |                               []                 |
+     gpe-aerial         |                                           []     |
+     gpe-beam           |                                           []     |
+     gpe-calendar       | []                                               |
+     gpe-clock          | []    []                                  []     |
+     gpe-conf           | []    []                                  []     |
+     gpe-contacts       |       []                                         |
+     gpe-edit           | []    []                                  []     |
+     gpe-filemanager    | []    []                                         |
+     gpe-go             | []    []                                  []     |
+     gpe-login          | []    []                                  []     |
+     gpe-ownerinfo      | []                                        []     |
+     gpe-package        | []    []                                         |
+     gpe-sketchbook     |       []                                  []     |
+     gpe-su             | []    []                                  []     |
+     gpe-taskmanager    | []    [] []                               []     |
+     gpe-timesheet      |                                           []     |
+     gpe-today          | []                                        []     |
+     gpe-todo           | []                                               |
+     gphoto2            | []                                        []     |
+     gprof              |                               []                 |
+     gpsdrive           |                                           []     |
+     gramadoir          |                                           ()     |
+     grep               |             []                            []     |
+     gretl              |                                                  |
+     gsasl              |                                           []     |
+     gss                |                                                  |
+     gst-plugins-bad    |                                           []     |
+     gst-plugins-base   |                                           []     |
+     gst-plugins-good   |                                           []     |
+     gst-plugins-ugly   |                                           []     |
+     gstreamer          |                                           []     |
+     gtick              |                                           []     |
+     gtkam              | []                                        []     |
+     gtkorphan          |                                           []     |
+     gtkspell           |                            []             []     |
+     gutenprint         |                                           []     |
+     hello              | [] [] []                      []    []    []  [] |
+     herrie             |                                           []     |
+     hylafax            |                                                  |
+     idutils            |                                           []     |
+     indent             | []                                        []     |
+     iso_15924          |                                           []     |
+     iso_3166           | []    [] []       []    []          []    []  [] |
+     iso_3166_2         |                                           []     |
+     iso_4217           | []                []                      []     |
+     iso_639            | []                []                      []  [] |
+     jpilot             | ()                                        ()     |
+     jtag               |                                                  |
+     jwhois             |                                           []     |
+     kbd                |                                           []     |
+     keytouch           |                                           []     |
+     keytouch-editor    |                                           []     |
+     keytouch-keyboa... |                                                  |
+     latrine            |                                           []     |
+     ld                 |                                                  |
+     leafpad            | []                []                             |
+     libc               | []    []                                  []     |
+     libexif            |                                                  |
+     libextractor       |                                                  |
+     libgpewidget       |                                           []     |
+     libgpg-error       |                                                  |
+     libgphoto2         | []                                               |
+     libgphoto2_port    | []                                               |
+     libgsasl           |                                           []     |
+     libiconv           |                                           []     |
+     libidn             | []                                        []     |
+     lifelines          |                                           []     |
+     lilypond           |                                           []     |
+     lingoteach         |                                           []     |
+     lprng              |                                                  |
+     lynx               | []                                        []     |
+     m4                 | []                                        []     |
+     mailfromd          |                                                  |
+     mailutils          |                                                  |
+     make               | []    []                                  []     |
+     man-db             |                                                  |
+     minicom            | []                                               |
+     nano               |                               []    []    []     |
+     opcodes            |                                           []     |
+     parted             | []                                        []     |
+     pilot-qof          |                                                  |
+     popt               | []    []                                  []     |
+     psmisc             | []                                  []    []     |
+     pwdutils           |                                                  |
+     qof                |                                                  |
+     radius             |                                                  |
+     recode             |                                           []     |
+     rpm                | []    []                                         |
+     screem             | []                                               |
+     scrollkeeper       |                                     [] [] []  [] |
+     sed                | []                                        []     |
+     shared-mime-info   | []    []          []          []    []    []  [] |
+     sharutils          | []                                        []     |
+     shishi             |                                                  |
+     skencil            |                                                  |
+     solfege            |                                     ()        () |
+     soundtracker       |                                                  |
+     sp                 | ()                                               |
+     system-tools-ba... | []    []          []                      []     |
+     tar                | []          []                            []     |
+     texinfo            |                                     []    []     |
+     tin                |                                                  |
+     tuxpaint           |                                     ()    []  [] |
+     unicode-han-tra... |                                                  |
+     unicode-transla... |                                                  |
+     util-linux         | []                                        []     |
+     util-linux-ng      | []                                        []     |
+     vorbis-tools       |                                                  |
+     wastesedge         |                                           []     |
+     wdiff              |                               []    []           |
+     wget               | []                                        []     |
+     xchat              | []    []                []                []     |
+     xkeyboard-config   |    [] []                                  []     |
+     xpad               |       []                      []          []     |
+                        +--------------------------------------------------+
+                          ja ka ko ku ky lg lt lv mk mn ms mt nb ne nl  nn
+                          51  2 25  3  2  0  6  0  2  2 20  0 11  1 103  6
+
+                          or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv  ta
+                        +--------------------------------------------------+
+     Compendium         |          []  []      []       []          []     |
+     a2ps               |       ()     []      [] []       []    [] []     |
+     aegis              |                      () ()                       |
+     ant-phone          |                      []                   []     |
+     anubis             |       []             [] []                       |
+     ap-utils           |       ()                                         |
+     aspell             |                      [] []    []                 |
+     bash               |       []                      []                 |
+     bfd                |                                                  |
+     bibshelf           |                                           []     |
+     binutils           |                         []    []                 |
+     bison              |       []     []      [] []                []     |
+     bison-runtime      |       []     []      []          []       []     |
+     bluez-pin          |       []     []   [] [] []    [] []    [] []     |
+     cflow              |       []                                         |
+     clisp              |                         []                       |
+     console-tools      |                         []                       |
+     coreutils          |       []                []       []       []     |
+     cpio               |       []                []                []     |
+     cpplib             |                                           []     |
+     cryptonit          |              []                           []     |
+     dialog             |                                           []     |
+     diffutils          |       []     []      [] []             [] []     |
+     doodle             |                                     []    []     |
+     e2fsprogs          |       []                                  []     |
+     enscript           |              []      [] []       []       []     |
+     fetchmail          |       []                []          []           |
+     findutils          |       [] []                               []     |
+     findutils_stable   |       [] []          []       [] []       []     |
+     flex               |       []     []      [] []                []     |
+     fslint             |                                           []     |
+     gas                |                                                  |
+     gawk               |       []     []      []                   []     |
+     gcal               |                                           []     |
+     gcc                |                                        [] []     |
+     gettext-examples   |       [] []          [] []    [] []    [] []     |
+     gettext-runtime    |       [] []          [] []    [] []    [] []     |
+     gettext-tools      |       []             [] []    [] []    [] []     |
+     gip                |                   []          []       [] []     |
+     gliv               |       []     []      [] []    []          []     |
+     glunarclock        |              []      [] []    []       [] []     |
+     gmult              |                   [] []                [] []     |
+     gnubiff            |                      ()                   []     |
+     gnucash            |       ()                                  []     |
+     gnuedu             |                                                  |
+     gnulib             |       []                         []       []     |
+     gnunet             |                                                  |
+     gnunet-gtk         |                                           []     |
+     gnutls             |       []                                  []     |
+     gpe-aerial         |          []  []      [] []       []    [] []     |
+     gpe-beam           |          []  []      [] []       []    [] []     |
+     gpe-calendar       |                         []       []    [] []     |
+     gpe-clock          |          []  []      [] []    [] []    [] []     |
+     gpe-conf           |          []  []      [] []    [] []       []     |
+     gpe-contacts       |                      [] []       []    [] []     |
+     gpe-edit           |       [] []  []      [] []    [] []    [] []     |
+     gpe-filemanager    |                                  []       []     |
+     gpe-go             |       []     []      [] []    [] []    [] []     |
+     gpe-login          |          []  []      [] []    [] []    [] []     |
+     gpe-ownerinfo      |          []  []      [] []    [] []    [] []     |
+     gpe-package        |                                  []       []     |
+     gpe-sketchbook     |          []  []      [] []    [] []    [] []     |
+     gpe-su             |          []  []      [] []    [] []    [] []     |
+     gpe-taskmanager    |          []  []      [] []    [] []    [] []     |
+     gpe-timesheet      |          []  []      [] []    [] []    [] []     |
+     gpe-today          |          []  []      [] []    [] []    [] []     |
+     gpe-todo           |                         []       []    [] []     |
+     gphoto2            |    [] []             []       []       [] []     |
+     gprof              |              []      []                   []     |
+     gpsdrive           |                         []                []     |
+     gramadoir          |                               []          []     |
+     grep               |       []                      [] []       []     |
+     gretl              |       [] []  []                                  |
+     gsasl              |       []                               [] []     |
+     gss                |       []             []       []          []     |
+     gst-plugins-bad    |       []     []                           []     |
+     gst-plugins-base   |       []                                  []     |
+     gst-plugins-good   |       []                                  []     |
+     gst-plugins-ugly   |       []     []                           []     |
+     gstreamer          |       []                            [] [] []     |
+     gtick              |                         []                       |
+     gtkam              |    [] []     []         []                []     |
+     gtkorphan          |                                           []     |
+     gtkspell           |              []   [] [] []    [] []    [] []     |
+     gutenprint         |                                           []     |
+     hello              |       []     []      [] []    [] []    [] []     |
+     herrie             |       []                []                []     |
+     hylafax            |                                                  |
+     idutils            |       []     []      [] []                []     |
+     indent             |       []     []      [] []    []       [] []     |
+     iso_15924          |                                                  |
+     iso_3166           |    [] [] []  []      [] [] [] [] [] [] [] []  [] |
+     iso_3166_2         |                                                  |
+     iso_4217           |       [] []             [] []    []    [] []     |
+     iso_639            |       []                [] [] [] []    [] []     |
+     jpilot             |                                                  |
+     jtag               |                               []                 |
+     jwhois             |       []     []      []                   []     |
+     kbd                |       []             []                   []     |
+     keytouch           |                                           []     |
+     keytouch-editor    |                                           []     |
+     keytouch-keyboa... |                                           []     |
+     latrine            |                                                  |
+     ld                 |                                           []     |
+     leafpad            |       [] []             []    []          []  [] |
+     libc               |       []                []    []          []     |
+     libexif            |       []                      []                 |
+     libextractor       |                      []                   []     |
+     libgpewidget       |       [] []  []      []       [] []    [] []     |
+     libgpg-error       |       []             []                   []     |
+     libgphoto2         |       []                                         |
+     libgphoto2_port    |       []                []                []     |
+     libgsasl           |       []             []                [] []     |
+     libiconv           |                                  []    [] []     |
+     libidn             |       []                               [] ()     |
+     lifelines          |       []                                  []     |
+     lilypond           |                                                  |
+     lingoteach         |              []                                  |
+     lprng              |       []                                         |
+     lynx               |              []         []                []     |
+     m4                 |       []     []      [] []                []     |
+     mailfromd          |       []                                         |
+     mailutils          |       []                []                []     |
+     make               |       []     []         []                []     |
+     man-db             |       []             [] []                []     |
+     minicom            |       []     []      [] []                []     |
+     nano               |              []      [] []                []     |
+     opcodes            |                      []                   []     |
+     parted             |       []                                         |
+     pilot-qof          |                                                  |
+     popt               |       [] []             []                []     |
+     psmisc             |       []                                  []     |
+     pwdutils           |       []                                  []     |
+     qof                |              []                           []     |
+     radius             |       []                []                       |
+     recode             |       [] []  []      [] []       []       []     |
+     rpm                |       [] []             []                []     |
+     screem             |                                                  |
+     scrollkeeper       |       []             [] []    []    [] [] []     |
+     sed                |       [] []  []      [] []    [] []    [] []     |
+     shared-mime-info   |       [] []  []                     [] [] []     |
+     sharutils          |       []                []             [] []     |
+     shishi             |       []                                         |
+     skencil            |          []  []                           []     |
+     solfege            |              []                                  |
+     soundtracker       |                               []          []     |
+     sp                 |                                                  |
+     system-tools-ba... |    [] [] []  []      []             [] [] []  [] |
+     tar                |       []                []       []       []     |
+     texinfo            |       []             [] []                []     |
+     tin                |                         ()                       |
+     tuxpaint           |       [] []                      [] [] [] []     |
+     unicode-han-tra... |                                                  |
+     unicode-transla... |                                                  |
+     util-linux         |              []         []       []       []     |
+     util-linux-ng      |              []         []       []       []     |
+     vorbis-tools       |                         []                       |
+     wastesedge         |                                                  |
+     wdiff              |       []     []      [] []    [] []       []     |
+     wget               |          []             []    []          []     |
+     xchat              |    []                   []    [] [] [] [] []     |
+     xkeyboard-config   |                               [] []       []     |
+     xpad               |                               [] []       []     |
+                        +--------------------------------------------------+
+                          or pa pl pt pt_BR rm ro ru rw sk sl sq sr sv  ta
+                           0  5 77 31  53    4 58 72  3 45 46  9 45 122  3
+
+                          tg th tk tr uk ven vi  wa xh zh_CN zh_HK zh_TW zu
+                        +---------------------------------------------------+
+     Compendium         |          []        []         []          []      | 19
+     a2ps               |          [] []     []                             | 19
+     aegis              |                    []                             |  1
+     ant-phone          |          []        []                             |  6
+     anubis             |          [] []     []                             | 11
+     ap-utils           |             ()     []                             |  4
+     aspell             |             []     []  []                         | 16
+     bash               |          []                                       |  6
+     bfd                |                                                   |  2
+     bibshelf           |                    []                             |  7
+     binutils           |          [] []     []                     []      |  9
+     bison              |          [] []     []                     []      | 20
+     bison-runtime      |             []     []         []          []      | 18
+     bluez-pin          |          [] []     []  []     []          []      | 28
+     cflow              |             []     []                             |  5
+     clisp              |                                                   |  9
+     console-tools      |          []        []                             |  5
+     coreutils          |          [] []     []                             | 18
+     cpio               |          [] []     []         []                  | 11
+     cpplib             |          [] []     []         []          []      | 12
+     cryptonit          |                    []                             |  6
+     dialog             |                    []  []     []                  |  9
+     diffutils          |          [] []     []         []          []      | 29
+     doodle             |                    []                             |  6
+     e2fsprogs          |          []        []                             | 10
+     enscript           |          [] []     []                             | 16
+     fetchmail          |          []        []                             | 12
+     findutils          |          [] []     []                             | 11
+     findutils_stable   |          [] []     []                     []      | 18
+     flex               |          []        []                             | 15
+     fslint             |                    []                             |  2
+     gas                |          []                                       |  3
+     gawk               |          []        []         []                  | 16
+     gcal               |          []                                       |  5
+     gcc                |          []                   []          []      |  7
+     gettext-examples   |          [] []     []         []    []    []      | 29
+     gettext-runtime    |          [] []     []         []    []    []      | 28
+     gettext-tools      |          [] []     []         []          []      | 20
+     gip                |                    []                     []      | 13
+     gliv               |          []        []                             | 11
+     glunarclock        |                    []  []                 []      | 15
+     gmult              |          []        []         []          []      | 16
+     gnubiff            |                    []                             |  2
+     gnucash            |          () []                                    |  5
+     gnuedu             |                    []                             |  2
+     gnulib             |                    []                             | 10
+     gnunet             |                                                   |  0
+     gnunet-gtk         |          []        []                             |  3
+     gnutls             |                                                   |  4
+     gpe-aerial         |                    []         []                  | 14
+     gpe-beam           |                    []         []                  | 14
+     gpe-calendar       |                    []  []                         |  7
+     gpe-clock          |          []        []  []     []                  | 21
+     gpe-conf           |                    []  []     []                  | 16
+     gpe-contacts       |                    []         []                  | 10
+     gpe-edit           |          []        []  []     []          []      | 22
+     gpe-filemanager    |                    []  []                         |  7
+     gpe-go             |          []        []  []     []                  | 19
+     gpe-login          |          []        []  []     []          []      | 21
+     gpe-ownerinfo      |          []        []         []          []      | 21
+     gpe-package        |                    []                             |  6
+     gpe-sketchbook     |          []        []                             | 16
+     gpe-su             |          []        []  []     []                  | 21
+     gpe-taskmanager    |          []        []  []     []                  | 21
+     gpe-timesheet      |          []        []         []          []      | 18
+     gpe-today          |          []        []  []     []          []      | 21
+     gpe-todo           |                    []  []                         |  8
+     gphoto2            |             []     []         []          []      | 21
+     gprof              |          []        []                             | 13
+     gpsdrive           |                    []                             |  5
+     gramadoir          |                    []                             |  7
+     grep               |                    []                             | 12
+     gretl              |                                                   |  6
+     gsasl              |                    []         []          []      |  9
+     gss                |                    []                             |  7
+     gst-plugins-bad    |             []     []         []                  | 13
+     gst-plugins-base   |             []     []                             | 11
+     gst-plugins-good   |             []     []         []    []    []      | 16
+     gst-plugins-ugly   |             []     []         []                  | 13
+     gstreamer          |          [] []     []                             | 18
+     gtick              |             []     []                             |  7
+     gtkam              |                    []                             | 16
+     gtkorphan          |                    []                             |  7
+     gtkspell           |             []     []  []     []    []    []      | 27
+     gutenprint         |                                                   |  4
+     hello              |          [] []     []         []          []      | 38
+     herrie             |          []        []                             |  8
+     hylafax            |                                                   |  0
+     idutils            |          []        []                             | 15
+     indent             |          [] []     []         []          []      | 28
+     iso_15924          |                    []         []                  |  4
+     iso_3166           |    [] [] [] []     []  []     []    []    []      | 54
+     iso_3166_2         |                    []         []                  |  4
+     iso_4217           |    []    []        []         []    []            | 24
+     iso_639            |             []     []  []     []    []            | 26
+     jpilot             |          [] []     []         []                  |  7
+     jtag               |                    []                             |  3
+     jwhois             |          []        []                     []      | 13
+     kbd                |          [] []     []                             | 13
+     keytouch           |                    []                             |  8
+     keytouch-editor    |                    []                             |  5
+     keytouch-keyboa... |                    []                             |  5
+     latrine            |          []        []                             |  5
+     ld                 |          []        []         []          []      | 10
+     leafpad            |          [] []     []         []          []      | 24
+     libc               |          []                   []          []      | 19
+     libexif            |                    []                             |  5
+     libextractor       |                    []                             |  5
+     libgpewidget       |                    []  []     []                  | 20
+     libgpg-error       |                    []                             |  6
+     libgphoto2         |             []     []                             |  9
+     libgphoto2_port    |             []     []                     []      | 11
+     libgsasl           |                    []                             |  8
+     libiconv           |                    []  []                         | 11
+     libidn             |                    []         []                  | 11
+     lifelines          |                                                   |  4
+     lilypond           |                    []                             |  6
+     lingoteach         |                    []                             |  6
+     lprng              |                    []                             |  2
+     lynx               |          [] []     []                             | 15
+     m4                 |                    []         []          []      | 18
+     mailfromd          |             []     []                             |  3
+     mailutils          |             []     []                             |  8
+     make               |          []        []         []                  | 20
+     man-db             |                    []                             |  9
+     minicom            |                    []                             | 14
+     nano               |                    []         []          []      | 20
+     opcodes            |          []        []                             | 10
+     parted             |          [] []                            []      | 11
+     pilot-qof          |                    []                             |  1
+     popt               |          []        []         []          []      | 18
+     psmisc             |                    []         []                  | 10
+     pwdutils           |                    []                             |  3
+     qof                |                    []                             |  4
+     radius             |             []     []                             |  7
+     recode             |          []        []         []                  | 25
+     rpm                |          [] []     []                     []      | 13
+     screem             |                    []                             |  2
+     scrollkeeper       |          [] []     []                     []      | 26
+     sed                |          []        []         []          []      | 23
+     shared-mime-info   |             []     []         []                  | 29
+     sharutils          |          []        []                     []      | 23
+     shishi             |                    []                             |  3
+     skencil            |                    []                             |  7
+     solfege            |                    []                             |  3
+     soundtracker       |          []        []                             |  9
+     sp                 |          []                                       |  3
+     system-tools-ba... |    []    [] []     []     []  []          []      | 38
+     tar                |          [] []     []                             | 17
+     texinfo            |          []        []         []                  | 15
+     tin                |                                                   |  1
+     tuxpaint           |                    []  []                 []      | 19
+     unicode-han-tra... |                                                   |  0
+     unicode-transla... |                                                   |  2
+     util-linux         |          [] []     []                             | 20
+     util-linux-ng      |          [] []     []                             | 20
+     vorbis-tools       |             []     []                             |  4
+     wastesedge         |                                                   |  1
+     wdiff              |          []        []                             | 23
+     wget               |          []        []                     []      | 20
+     xchat              |             []     []         []          []      | 29
+     xkeyboard-config   |          [] []     []                             | 14
+     xpad               |                    []         []          []      | 15
+                        +---------------------------------------------------+
+       76 teams           tg th tk tr uk ven vi  wa xh zh_CN zh_HK zh_TW zu
+      163 domains          0  3  1 74 51  0  143 21  1  57     7    45    0  2036
+
+   Some counters in the preceding matrix are higher than the number of
+visible blocks let us expect.  This is because a few extra PO files are
+used for implementing regional variants of languages, or language
+dialects.
+
+   For a PO file in the matrix above to be effective, the package to
+which it applies should also have been internationalized and
+distributed as such by its maintainer.  There might be an observable
+lag between the mere existence a PO file and its wide availability in a
+distribution.
+
+   If November 2007 seems to be old, you may fetch a more recent copy
+of this `ABOUT-NLS' file on most GNU archive sites.  The most
+up-to-date matrix with full percentage details can be found at
+`http://translationproject.org/extra/matrix.html'.
+
+1.6 Using `gettext' in new packages
+===================================
+
+If you are writing a freely available program and want to
+internationalize it you are welcome to use GNU `gettext' in your
+package.  Of course you have to respect the GNU Library General Public
+License which covers the use of the GNU `gettext' library.  This means
+in particular that even non-free programs can use `libintl' as a shared
+library, whereas only free software can use `libintl' as a static
+library or use modified versions of `libintl'.
+
+   Once the sources are changed appropriately and the setup can handle
+the use of `gettext' the only thing missing are the translations.  The
+Free Translation Project is also available for packages which are not
+developed inside the GNU project.  Therefore the information given above
+applies also for every other Free Software Project.  Contact
+`coordinator@translationproject.org' to make the `.pot' files available
+to the translation teams.
+
diff --git a/BUGS b/BUGS
new file mode 100644 (file)
index 0000000..dfca555
--- /dev/null
+++ b/BUGS
@@ -0,0 +1,7 @@
+                                                                -*- outline -*-
+
+* SCDaemon
+  
+  It seems there are still some problems in respect to
+  SCDaemon. Sometimes SCDaemon is confused and must be killed. Needs
+  to be fixed.
index 6302718..ab70372 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,126 @@
+2008-08-08  Moritz  <moritz@gnu.org>
+
+       * configure.ac: Bump version number up to 0.4.
+
+       * EXPERIMENTAL: New file.
+       * Makefile.am (EXTRA_DIST): Updated.
+
+       * BUGS: Updated, mentioend scdaemon problems.
+
+2008-08-07  Moritz  <moritz@gnu.org>
+
+       * TODO: Updated.
+
+2008-08-04  Moritz  <moritz@gnu.org>
+
+       * Makefile.am (SUBDIRS): Added po.
+
+2008-08-04  Moritz  <moritz@gnu.org>
+
+       * configure.ac: Removed checks for libusb (we use scdaemon!).
+
+2008-08-03  Moritz  <moritz@gnu.org>
+
+       * config.h.in: Added ENABLE_NLS symbol.
+
+2008-08-03  gettextize  <bug-gnu-gettext@gnu.org>
+
+       * Makefile.am (EXTRA_DIST): Add config.rpath.
+       * configure.ac (AC_CONFIG_FILES): Add po/Makefile.in.
+
+2008-07-20  Moritz  <moritz@gnu.org>
+
+       * configure.ac: Removed AC_DEFINE for jnlib
+       (AC_OUTPUT): removed src/jnlib/Makefile, src/pam-test/Makefile;
+       added tests/Makefile.
+
+2008-05-24  Moritz  <moritz@gnu.org>
+
+       Some build fixes related to Assuan (mostly correctings include paths in Makefile.am's).
+
+2008-05-03  Moritz  <moritz@gnu.org>
+
+       * configure.ac: Added tests for included libassuan.  Removed code
+       for installed libassuan.
+
+2008-04-05  Moritz  <moritz@gnu.org>
+
+       * configure.ac: Renamed auth method simpledb to localdb.  Removed
+       auth method test.  Adjust AC_CONFIG_FILES to new source tree
+       layout.
+
+2007-12-13  Moritz Schulte  <moritz@g10code.com>
+
+       * configure.ac (AC_CONFIG_FILES): New: src/test/Makefile.
+
+2007-11-11  Moritz  <moritz@g10code.com>
+
+       * configure.ac: Add hardwired dirmngr path to AH_BOTTOM call.
+
+2007-11-04  Moritz  <moritz@g10code.com>
+
+       * configure.ac: AC_DEFINE ENABLE_AUTH_METHOD_SIMPLEDB if simpledb
+       authentication is enabled.  Same for the new "test" authentication
+       method.
+
+2007-11-03  Moritz Schulte  <moritz@g10code.com>
+
+       * configure.ac: AC_DEFINE ENABLE_AUTH_METHOD_X509 if x509
+       authentication is enabled.
+
+2007-10-28  Moritz  <moritz@g10code.com>
+
+       * Makefile.am (ACLOCAL_AMFLAGS): New.
+       (SUBDIRS): Added: m4.
+
+       * configure.ac (AC_CONFIG_FILES): Added src/dirmngr/Makefile.
+
+2007-10-28  Moritz  <moritz@g10code.com>
+
+       * configure.ac: Integrated KSBA support; call AM_PATH_KSBA.  Use
+       POLDI_ENABLE_FEATURE macro for --enable-x509-auth and
+       --enable-simpledb-auth arguments.  AC_DEFINE_UNQUOTED the symbols
+       NEED_LIBGCRYPT_VERSION and NEED_KSBA_VERSION.  Define
+       AM_CONDITIONAL for symbols AUTH_METHOD_X509 and
+       AUTH_METHOD_SIMPLEDB.  Print final status message.
+
+       * acinclude.m4: Added quoting; removed gpg-error and libgcrypt
+       related macros; new macro: POLDI_ENABLE_FEATURE.
+
+2007-10-27  Moritz  <moritz@g10code.com>
+
+       * configure.ac (AC_CONFIG_FILES): Removed reference to
+       scd-support.
+
+2007-08-17  Moritz Schulte  <moritz@g10code.com>
+
+       * configure.ac (AC_CHECK_FUNCS): Added nanosleep.
+
+2007-06-30  Moritz Schulte  <moritz@g10code.com>
+
+       * configure.ac (AC_CONFIG_FILES): Added am/Makefile.
+       * autogen,sh: New file.
+       * Makefile.am (SUBDIRS): Added "am".
+       * am: New directory.
+
+2007-06-29  Moritz  <moritz@g10code.com>
+
+       * BUGS: New file.
+       * NEWS: Updated.
+
+       * m4: New directory.
+       * m4/libassuan.m4: New file.
+       * configure.ac: Require libassuan.
+       (AH_BOTTOM): Cleared, define GNUPG_DEFAULT_SCD.
+       Use AM_PROG_CC_C_O.
+       (AC_CONFIG_FILES): Added: m4/Makefile, src/scd-support/Makefile,
+       src/scd/Makefile; removed: src/libscd/Makefile.
+
+2007-03-03  Moritz Schulte  <moritz@g10code.com>
+
+       * configure.ac: Integrate assuan; it's a new dependency from now
+       on.
+
 2005-12-12  Moritz Schulte  <moritz@g10code.com>
 
        * configure.ac: Bumped version number up to 0.4-cvs.
diff --git a/EXPERIMENTAL b/EXPERIMENTAL
new file mode 100644 (file)
index 0000000..481cec0
--- /dev/null
@@ -0,0 +1 @@
+Poldi is still marked as experimental.
diff --git a/INSTALL b/INSTALL
index 095b1eb..d3c5b40 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -1,8 +1,8 @@
 Installation Instructions
 *************************
 
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004 Free
-Software Foundation, Inc.
+Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
+2006, 2007 Free Software Foundation, Inc.
 
 This file is free documentation; the Free Software Foundation gives
 unlimited permission to copy, distribute and modify it.
@@ -10,7 +10,10 @@ unlimited permission to copy, distribute and modify it.
 Basic Installation
 ==================
 
-These are generic installation instructions.
+Briefly, the shell commands `./configure; make; make install' should
+configure, build, and install this package.  The following
+more-detailed instructions are generic; see the `README' file for
+instructions specific to this package.
 
    The `configure' shell script attempts to guess correct values for
 various system-dependent variables used during compilation.  It uses
@@ -23,9 +26,9 @@ debugging `configure').
 
    It can also use an optional file (typically called `config.cache'
 and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring.  (Caching is
+the results of its tests to speed up reconfiguring.  Caching is
 disabled by default to prevent problems with accidental use of stale
-cache files.)
+cache files.
 
    If you need to do unusual things to compile the package, please try
 to figure out how `configure' could check whether to do them, and mail
@@ -35,20 +38,17 @@ some point `config.cache' contains results you don't want to keep, you
 may remove or edit it.
 
    The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'.  You only need
-`configure.ac' if you want to change it or regenerate `configure' using
-a newer version of `autoconf'.
+`configure' by a program called `autoconf'.  You need `configure.ac' if
+you want to change it or regenerate `configure' using a newer version
+of `autoconf'.
 
 The simplest way to compile this package is:
 
   1. `cd' to the directory containing the package's source code and type
-     `./configure' to configure the package for your system.  If you're
-     using `csh' on an old version of System V, you might need to type
-     `sh ./configure' instead to prevent `csh' from trying to execute
-     `configure' itself.
+     `./configure' to configure the package for your system.
 
-     Running `configure' takes awhile.  While running, it prints some
-     messages telling which features it is checking for.
+     Running `configure' might take a while.  While running, it prints
+     some messages telling which features it is checking for.
 
   2. Type `make' to compile the package.
 
@@ -67,6 +67,9 @@ The simplest way to compile this package is:
      all sorts of other programs in order to regenerate files that came
      with the distribution.
 
+  6. Often, you can also type `make uninstall' to remove the installed
+     files again.
+
 Compilers and Options
 =====================
 
@@ -78,7 +81,7 @@ details on some of the pertinent environment variables.
 by setting variables in the command line or in the environment.  Here
 is an example:
 
-     ./configure CC=c89 CFLAGS=-O2 LIBS=-lposix
+     ./configure CC=c99 CFLAGS=-g LIBS=-lposix
 
    *Note Defining Variables::, for more details.
 
@@ -87,31 +90,29 @@ Compiling For Multiple Architectures
 
 You can compile the package for more than one kind of computer at the
 same time, by placing the object files for each architecture in their
-own directory.  To do this, you must use a version of `make' that
-supports the `VPATH' variable, such as GNU `make'.  `cd' to the
+own directory.  To do this, you can use GNU `make'.  `cd' to the
 directory where you want the object files and executables to go and run
 the `configure' script.  `configure' automatically checks for the
 source code in the directory that `configure' is in and in `..'.
 
-   If you have to use a `make' that does not support the `VPATH'
-variable, you have to compile the package for one architecture at a
-time in the source code directory.  After you have installed the
-package for one architecture, use `make distclean' before reconfiguring
-for another architecture.
+   With a non-GNU `make', it is safer to compile the package for one
+architecture at a time in the source code directory.  After you have
+installed the package for one architecture, use `make distclean' before
+reconfiguring for another architecture.
 
 Installation Names
 ==================
 
-By default, `make install' will install the package's files in
-`/usr/local/bin', `/usr/local/man', etc.  You can specify an
-installation prefix other than `/usr/local' by giving `configure' the
-option `--prefix=PREFIX'.
+By default, `make install' installs the package's commands under
+`/usr/local/bin', include files under `/usr/local/include', etc.  You
+can specify an installation prefix other than `/usr/local' by giving
+`configure' the option `--prefix=PREFIX'.
 
    You can specify separate installation prefixes for
 architecture-specific files and architecture-independent files.  If you
-give `configure' the option `--exec-prefix=PREFIX', the package will
-use PREFIX as the prefix for installing programs and libraries.
-Documentation and other data files will still use the regular prefix.
+pass the option `--exec-prefix=PREFIX' to `configure', the package uses
+PREFIX as the prefix for installing programs and libraries.
+Documentation and other data files still use the regular prefix.
 
    In addition, if you use an unusual directory layout you can give
 options like `--bindir=DIR' to specify different values for particular
@@ -159,7 +160,7 @@ where SYSTEM can have one of these forms:
 need to know the machine type.
 
    If you are _building_ compiler tools for cross-compiling, you should
-use the `--target=TYPE' option to select the type of system they will
+use the option `--target=TYPE' to select the type of system they will
 produce code for.
 
    If you want to _use_ a cross compiler, that generates code for a
@@ -189,9 +190,14 @@ them in the `configure' command line, using `VAR=value'.  For example:
 
      ./configure CC=/usr/local2/bin/gcc
 
-will cause the specified gcc to be used as the C compiler (unless it is
+causes the specified `gcc' to be used as the C compiler (unless it is
 overridden in the site shell script).
 
+Unfortunately, this technique does not work for `CONFIG_SHELL' due to
+an Autoconf bug.  Until the bug is fixed you can use this workaround:
+
+     CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
+
 `configure' Invocation
 ======================
 
diff --git a/MIGRATION b/MIGRATION
new file mode 100644 (file)
index 0000000..8157bb9
--- /dev/null
+++ b/MIGRATION
@@ -0,0 +1,28 @@
+Migration from Poldi 0.3
+========================
+
+Several things have changed with the release of Poldi 0.4.  This
+document explains how to upgrade smoothly from Poldi 0.3 to Poldi 0.4.
+
+* Authentication Methods
+
+  Poldi 0.3 only supported one mechanism to authenticate a user: a
+  challenge-response protocol in combination with a smartcard<-->user
+  mapping stored in a plain text file. Now, Poldi supports two
+  so-called "authentication methods" with the Poldi 0.3 way of
+  authenticating being one such method, which is named "localdb".
+
+  The other supported authentication method named "x509" implements
+  authentication against a X509 PKI with the help of Dirmngr.
+
+  There is no default authentication method, thus if you want to use
+  the new Poldi just like Poldi 0.3, you need to specify "auth-method
+  localdb" in the configuration file poldi.conf.
+
+* Configuration
+
+  With Poldi 0.3 it was possible to "register" smartcards and control
+  the mapping between users and smartcards with the poldi-ctrl
+  utility. As of Poldi 0.4 poldi-ctrl has been stripped in this
+  respect; it does not contain this functionality anymore. Instead the
+  system administrator has to edit the appropriate files manually.
index 4ba38b3..7a1ec92 100644 (file)
@@ -1,4 +1,4 @@
-# Copyright (C) 2004, 2005 g10 Code GmbH
+# Copyright (C) 2004, 2005, 2007, 2008 g10 Code GmbH
 #
 # This file is part of Poldi.
 #
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
 # 02111-1307, USA
 
-SUBDIRS = src doc conf
+ACLOCAL_AMFLAGS = -I m4
+
+SUBDIRS = src doc conf am m4 tests tools po
 
 install-conf-skeleton:
        $(MAKE) -C conf install-conf-skeleton
+
+EXTRA_DIST = config.rpath MIGRATION EXPERIMENTAL
diff --git a/NEWS b/NEWS
index 821efe1..922ee0f 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,29 @@
                                                                 -*- outline -*-
 
+Changes since version 0.3:
+
+* Many parts have been rewritten and/or reorganized
+
+* GPLv3+
+  Changed License to GPL v3 or later.
+
+* SCdaemon support
+  Poldi uses the scdaemon from now on instead of talking to the
+  smartcard directly.
+
+* Authentication methods
+  Implemented abstraction layer for "authentication methods".  The
+  previous authentication process is now encapsulated in an
+  authentication method named "localdb".
+
+* X509
+  Added another authentication method named "x509", which interacts
+  with Dirmngr in order to provide authentication through a X509 PKI.
+
+* i18n
+  Added support for internationalization.
+  Added german translation.
+
 Changes since version 0.2:
 
 * Smartcard to account mapping:
diff --git a/TODO b/TODO
new file mode 100644 (file)
index 0000000..c62faea
--- /dev/null
+++ b/TODO
@@ -0,0 +1,33 @@
+Final:
+* allow for Dirmngr to be started on demand (in pipe mode) (NO <- Why?!)
+
+Low priority:
+* figure out what exactly the dependencies on the OpenPGP smartcard are.
+* improve doc
+* work on MIGRATION text
+* fix install-conf-skeleton (does nothing for x509?)
+* better (new?) error codes
+* verify we don't need pam_sm_setcred; i still don't get what this
+  call is needed for - most PAM modules in Linux-PAM implement it as a
+  dummy.
+* poldi shouldn't contain any global state (explain why), reference
+  needed: as far as i understand it, PAM modules should be rather
+  reentrant; at least thread safe.  so that applications do can call
+  pam_authenticate without danger.
+* conf skeleton for x509 method?
+* do we want to respect conv_tell error codes or should it be void?
+* give user a chance to enter PIN twice?
+* check if information on Applications in the manual are still uptodate.
+* figure what needs to be done for enabling LTSP logins through Poldi (interesting!)
+* allow user to override scdaemon to use through environment variables
+  or something (probably required for ltsp).
+* what does "6 characters minimum" mean in openpgp-card.pdf? is it "bytes" or really "utf8 characters"?
+* shall we really forbid to use non-digit characters in PIN?
+* system wide scdaemon?
+* disallow login in case of key expiration
+* diplay expiration info before key is expired
+* portability to non- GNU/Linux systems that support PAM
+* workaround for older cards regarding public key retrival?
+
+High priority:
+* general audit
index f9ab1d9..a91d990 100644 (file)
@@ -21,7 +21,7 @@ dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
 dnl GNUPG_CHECK_TYPEDEF(TYPE, HAVE_NAME)
 dnl Check whether a typedef exists and create a #define $2 if it exists
 dnl
-AC_DEFUN(GNUPG_CHECK_TYPEDEF,
+AC_DEFUN([GNUPG_CHECK_TYPEDEF],
   [ AC_MSG_CHECKING(for $1 typedef)
     AC_CACHE_VAL(gnupg_cv_typedef_$1,
     [AC_TRY_COMPILE([#define _GNU_SOURCE 1
@@ -93,170 +93,29 @@ define(GNUPG_CHECK_ENDIAN,
     fi
   ])
 
-dnl Autoconf macros for libgpg-error
-
-dnl AM_PATH_GPG_ERROR([MINIMUM-VERSION,
-dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libgpg-error and define GPG_ERROR_CFLAGS and GPG_ERROR_LIBS
-dnl
-AC_DEFUN(AM_PATH_GPG_ERROR,
-[ AC_ARG_WITH(gpg-error-prefix,
-            AC_HELP_STRING([--with-gpg-error-prefix=PFX],
-                           [prefix where GPG Error is installed (optional)]),
-     gpg_error_config_prefix="$withval", gpg_error_config_prefix="")
-  if test x$gpg_error_config_prefix != x ; then
-     if test x${GPG_ERROR_CONFIG+set} != xset ; then
-        GPG_ERROR_CONFIG=$gpg_error_config_prefix/bin/gpg-error-config
-     fi
-  fi
-
-  AC_PATH_PROG(GPG_ERROR_CONFIG, gpg-error-config, no)
-  min_gpg_error_version=ifelse([$1], ,0.0,$1)
-  AC_MSG_CHECKING(for GPG Error - version >= $min_gpg_error_version)
-  ok=no
-  if test "$GPG_ERROR_CONFIG" != "no" ; then
-    req_major=`echo $min_gpg_error_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
-    req_minor=`echo $min_gpg_error_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
-    gpg_error_config_version=`$GPG_ERROR_CONFIG $gpg_error_config_args --version`
-    if test "$gpg_error_config_version"; then
-      major=`echo $gpg_error_config_version | \
-                 sed 's/\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
-      minor=`echo $gpg_error_config_version | \
-                 sed 's/\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
-      if test "$major" -gt "$req_major"; then
-          ok=yes
-      else 
-          if test "$major" -eq "$req_major"; then
-              if test "$minor" -ge "$req_minor"; then
-                 ok=yes
-              fi
-          fi
-      fi
-    fi
-  fi
-  if test $ok = yes; then
-    GPG_ERROR_CFLAGS=`$GPG_ERROR_CONFIG $gpg_error_config_args --cflags`
-    GPG_ERROR_LIBS=`$GPG_ERROR_CONFIG $gpg_error_config_args --libs`
-    AC_MSG_RESULT(yes)
-    ifelse([$2], , :, [$2])
-  else
-    GPG_ERROR_CFLAGS=""
-    GPG_ERROR_LIBS=""
-    AC_MSG_RESULT(no)
-    ifelse([$3], , :, [$3])
-  fi
-  AC_SUBST(GPG_ERROR_CFLAGS)
-  AC_SUBST(GPG_ERROR_LIBS)
-])
-
-
-dnl Autoconf macros for libgcrypt
-dnl       Copyright (C) 2002, 2004 Free Software Foundation, Inc.
-dnl
-dnl This file is free software; as a special exception the author gives
-dnl unlimited permission to copy and/or distribute it, with or without
-dnl modifications, as long as this notice is preserved.
-dnl
-dnl This file is distributed in the hope that it will be useful, but
-dnl WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
-dnl implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
-
-
-dnl AM_PATH_LIBGCRYPT([MINIMUM-VERSION,
-dnl                   [ACTION-IF-FOUND [, ACTION-IF-NOT-FOUND ]]])
-dnl Test for libgcrypt and define LIBGCRYPT_CFLAGS and LIBGCRYPT_LIBS.
-dnl MINIMUN-VERSION is a string with the version number optionalliy prefixed
-dnl with the API version to also check the API compatibility. Example:
-dnl a MINIMUN-VERSION of 1:1.2.5 won't pass the test unless the installed 
-dnl version of libgcrypt is at least 1.2.5 *and* the API number is 1.  Using
-dnl this features allows to prevent build against newer versions of libgcrypt
-dnl with a changed API.
-dnl
-AC_DEFUN(AM_PATH_LIBGCRYPT,
-[ AC_ARG_WITH(libgcrypt-prefix,
-            AC_HELP_STRING([--with-libgcrypt-prefix=PFX],
-                           [prefix where LIBGCRYPT is installed (optional)]),
-     libgcrypt_config_prefix="$withval", libgcrypt_config_prefix="")
-  if test x$libgcrypt_config_prefix != x ; then
-     if test x${LIBGCRYPT_CONFIG+set} != xset ; then
-        LIBGCRYPT_CONFIG=$libgcrypt_config_prefix/bin/libgcrypt-config
-     fi
-  fi
-
-  AC_PATH_PROG(LIBGCRYPT_CONFIG, libgcrypt-config, no)
-  tmp=ifelse([$1], ,1:1.2.0,$1)
-  if echo "$tmp" | grep ':' >/dev/null 2>/dev/null ; then
-     req_libgcrypt_api=`echo "$tmp"     | sed 's/\(.*\):\(.*\)/\1/'`
-     min_libgcrypt_version=`echo "$tmp" | sed 's/\(.*\):\(.*\)/\2/'`
-  else
-     req_libgcrypt_api=0
-     min_libgcrypt_version="$tmp"
-  fi
-
-  AC_MSG_CHECKING(for LIBGCRYPT - version >= $min_libgcrypt_version)
-  ok=no
-  if test "$LIBGCRYPT_CONFIG" != "no" ; then
-    req_major=`echo $min_libgcrypt_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\1/'`
-    req_minor=`echo $min_libgcrypt_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\2/'`
-    req_micro=`echo $min_libgcrypt_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\)/\3/'`
-    libgcrypt_config_version=`$LIBGCRYPT_CONFIG --version`
-    major=`echo $libgcrypt_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\1/'`
-    minor=`echo $libgcrypt_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\2/'`
-    micro=`echo $libgcrypt_config_version | \
-               sed 's/\([[0-9]]*\)\.\([[0-9]]*\)\.\([[0-9]]*\).*/\3/'`
-    if test "$major" -gt "$req_major"; then
-        ok=yes
-    else 
-        if test "$major" -eq "$req_major"; then
-            if test "$minor" -gt "$req_minor"; then
-               ok=yes
-            else
-               if test "$minor" -eq "$req_minor"; then
-                   if test "$micro" -ge "$req_micro"; then
-                     ok=yes
-                   fi
-               fi
-            fi
-        fi
-    fi
-  fi
-  if test $ok = yes; then
-    AC_MSG_RESULT(yes)
-  else
-    AC_MSG_RESULT(no)
-  fi
-  if test $ok = yes; then
-     # If we have a recent libgcrypt, we should also check that the
-     # API is compatible
-     if test "$req_libgcrypt_api" -gt 0 ; then
-        tmp=`$LIBGCRYPT_CONFIG --api-version 2>/dev/null || echo 0`
-        if test "$tmp" -gt 0 ; then
-           AC_MSG_CHECKING([LIBGCRYPT API version])
-           if test "$req_libgcrypt_api" -eq "$tmp" ; then
-             AC_MSG_RESULT(okay)
-           else
-             ok=no
-             AC_MSG_RESULT([does not match (want=$req_libgcrypt_api got=$tmp)])
-           fi
-        fi
-     fi
-  fi
-  if test $ok = yes; then
-    LIBGCRYPT_CFLAGS=`$LIBGCRYPT_CONFIG --cflags`
-    LIBGCRYPT_LIBS=`$LIBGCRYPT_CONFIG --libs`
-    ifelse([$2], , :, [$2])
-  else
-    LIBGCRYPT_CFLAGS=""
-    LIBGCRYPT_LIBS=""
-    ifelse([$3], , :, [$3])
-  fi
-  AC_SUBST(LIBGCRYPT_CFLAGS)
-  AC_SUBST(LIBGCRYPT_LIBS)
-])
+# GNUPG_BUILD_PROGRAM(NAME,DEFAULT)
+# Add a --enable-NAME option to configure an set the
+# shell variable build_NAME either to "yes" or "no".  DEFAULT must
+# either be "yes" or "no" and decided on the default value for
+# build_NAME and whether --enable-NAME or --disable-NAME is shown with 
+# ./configure --help
+AC_DEFUN([POLDI_ENABLE_FEATURE],
+  [$1=$2
+   m4_if([$2],[yes],[
+      AC_ARG_ENABLE([$3], AC_HELP_STRING([--disable-$3],
+                                         [disable $4]),
+                           $1=$enableval, $1=$2)
+    ],[
+      AC_ARG_ENABLE([$3], AC_HELP_STRING([--enable-$3],
+                                         [enable $4]),
+                           $1=$enableval, $1=$2)
+    ])
+   case "$$1" in
+         no|yes)
+           ;;
+         *)
+          echo "$1"
+           AC_MSG_ERROR([argument for --enable-$3 must be either yes or no])
+           ;;
+   esac
+  ])
diff --git a/am/ChangeLog b/am/ChangeLog
new file mode 100644 (file)
index 0000000..bc61093
--- /dev/null
@@ -0,0 +1,7 @@
+2008-08-03  Moritz  <moritz@gnu.org>
+
+       * cmacros.am: Added LOCALEDIR defintion.
+
+2007-06-30  Moritz  <moritz@g10code.com>
+
+       * Makefile.am, cmacros.am: New files.
diff --git a/am/Makefile.am b/am/Makefile.am
new file mode 100644 (file)
index 0000000..d0569b2
--- /dev/null
@@ -0,0 +1 @@
+EXTRA_DIST = cmacros.am
diff --git a/am/cmacros.am b/am/cmacros.am
new file mode 100644 (file)
index 0000000..ca24616
--- /dev/null
@@ -0,0 +1,4 @@
+AM_CPPFLAGS += -DGNUPG_BINDIR="\"$(bindir)\""
+datadir = @datadir@
+localedir = $(datadir)/locale
+DEFS = -DLOCALEDIR=\"$(localedir)\" @DEFS@
diff --git a/autogen.sh b/autogen.sh
new file mode 100755 (executable)
index 0000000..5e256d0
--- /dev/null
@@ -0,0 +1,153 @@
+#! /bin/sh
+# Run this to generate all the initial makefiles, etc. 
+#
+# Copyright (C) 2003, 2007 g10 Code GmbH
+#
+# This file is free software; as a special exception the author gives
+# unlimited permission to copy and/or distribute it, with or without
+# modifications, as long as this notice is preserved.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+configure_ac="configure.ac"
+
+cvtver () {
+  awk 'NR==1 {split($NF,A,".");X=1000000*A[1]+1000*A[2]+A[3];print X;exit 0}'
+}
+
+check_version () {
+    if [ `("$1" --version || echo "0") | cvtver` -ge "$2" ]; then
+       return 0
+    fi
+    echo "**Error**: "\`$1\'" not installed or too old." >&2
+    echo '           Version '$3' or newer is required.' >&2
+    [ -n "$4" ] && echo '           Note that this is part of '\`$4\''.' >&2
+    DIE="yes"
+    return 1
+}
+
+DIE=no
+
+
+
+
+# ***** AMD64 cross build script *******
+# Used to cross-compile for AMD64 (for testing)
+if test "$1" = "--build-amd64"; then
+    tmp=`dirname $0`
+    tsdir=`cd "$tmp"; pwd`
+    shift
+    if [ ! -f $tsdir/config.guess ]; then
+        echo "$tsdir/config.guess not found" >&2
+        exit 1
+    fi
+    build=`$tsdir/config.guess`
+
+    [ -z "$amd64root" ] && amd64root="$HOME/amd64root"
+    echo "Using $amd64root as standard install directory" >&2
+    
+    # Locate the cross compiler
+    crossbindir=
+    for host in x86_64-linux-gnu amd64-linux-gnu; do
+        if ${host}-gcc --version >/dev/null 2>&1 ; then
+            crossbindir=/usr/${host}/bin
+            conf_CC="CC=${host}-gcc"
+            break;
+        fi
+    done
+    if [ -z "$crossbindir" ]; then
+        echo "Cross compiler kit not installed" >&2
+        echo "Stop." >&2
+        exit 1
+    fi
+   
+    if [ -f "$tsdir/config.log" ]; then
+        if ! head $tsdir/config.log | grep "$host" >/dev/null; then
+            echo "Please run a 'make distclean' first" >&2
+            exit 1
+        fi
+    fi
+
+    $tsdir/configure --enable-maintainer-mode --prefix=${amd64root}  \
+             --host=${host} --build=${build} \
+             --with-gpg-error-prefix=${amd64root} 
+
+    rc=$?
+    exit $rc
+fi
+# ***** end AMD64 cross build script *******
+
+
+
+
+# Grep the required versions from configure.ac
+autoconf_vers=`sed -n '/^AC_PREREQ(/ { 
+s/^.*(\(.*\))/\1/p
+q
+}' ${configure_ac}`
+autoconf_vers_num=`echo "$autoconf_vers" | cvtver`
+
+automake_vers=`sed -n '/^min_automake_version=/ { 
+s/^.*="\(.*\)"/\1/p
+q
+}' ${configure_ac}`
+automake_vers_num=`echo "$automake_vers" | cvtver`
+
+#gettext_vers=`sed -n '/^AM_GNU_GETTEXT_VERSION(/ { 
+#s/^.*(\(.*\))/\1/p
+#q
+#}' ${configure_ac}`
+#gettext_vers_num=`echo "$gettext_vers" | cvtver`
+
+
+if [ -z "$autoconf_vers" -o -z "$automake_vers" ]
+then
+  echo "**Error**: version information not found in "\`${configure_ac}\'"." >&2
+  exit 1
+fi
+
+# Allow to override the default tool names
+AUTOCONF=${AUTOCONF_PREFIX}${AUTOCONF:-autoconf}${AUTOCONF_SUFFIX}
+AUTOHEADER=${AUTOCONF_PREFIX}${AUTOHEADER:-autoheader}${AUTOCONF_SUFFIX}
+
+AUTOMAKE=${AUTOMAKE_PREFIX}${AUTOMAKE:-automake}${AUTOMAKE_SUFFIX}
+ACLOCAL=${AUTOMAKE_PREFIX}${ACLOCAL:-aclocal}${AUTOMAKE_SUFFIX}
+
+#GETTEXT=${GETTEXT_PREFIX}${GETTEXT:-gettext}${GETTEXT_SUFFIX}
+#MSGMERGE=${GETTEXT_PREFIX}${MSGMERGE:-msgmerge}${GETTEXT_SUFFIX}
+
+DIE=no
+
+
+if check_version $AUTOCONF $autoconf_vers_num $autoconf_vers ; then
+    check_version $AUTOHEADER $autoconf_vers_num $autoconf_vers autoconf
+fi
+if check_version $AUTOMAKE $automake_vers_num $automake_vers; then
+  check_version $ACLOCAL $automake_vers_num $autoconf_vers automake
+fi
+#if check_version $GETTEXT $gettext_vers_num $gettext_vers; then
+#  check_version $MSGMERGE $gettext_vers_num $gettext_vers gettext
+#fi
+
+if test "$DIE" = "yes"; then
+    cat <<EOF
+
+Note that you may use alternative versions of the tools by setting 
+the corresponding environment variables; see README.CVS for details.
+                   
+EOF
+    exit 1
+fi
+
+echo "Running aclocal -I m4 ${ACLOCAL_FLAGS:+$ACLOCAL_FLAGS }..."
+$ACLOCAL -I m4 $ACLOCAL_FLAGS
+echo "Running autoheader..."
+$AUTOHEADER
+echo "Running automake --gnu --add-missing..."
+$AUTOMAKE --gnu --add-missing
+echo "Running autoconf..."
+$AUTOCONF
+
+echo "You may now run \"./configure --enable-maintainer-mode && make\"."
index cf2eb88..3f42f28 100644 (file)
@@ -1,3 +1,19 @@
+2008-08-07  Moritz  <moritz@gnu.org>
+
+       * poldi.conf.skel: New file.
+       * Makefile.am (install-conf-skeleton): Install poldi.conf.skel.
+       * users.skel: Removed example entry.
+
+2008-04-13  Moritz  <moritz@gnu.org>
+
+       * README.keys: Cosmetics.
+
+2008-04-05  Moritz  <moritz@gnu.org>
+
+       * README.keys, users.skel: New files.
+       * Makefile.am (install-conf-skeleton): use "localdb" prefix;
+       install new files.
+
 2005-12-11  Moritz Schulte  <moritz@g10code.com>
 
        * Makefile.am: Touch user database file.
index a638665..1fd3ba4 100644 (file)
@@ -1,4 +1,4 @@
-# Copyright (C) 2005 g10 Code GmbH
+# Copyright (C) 2005, 2008 g10 Code GmbH
 #
 # This file is part of Poldi.
 #
 # 02111-1307, USA
 
 install-conf-skeleton:
-       $(INSTALL) -d $(POLDI_CONF_DIRECTORY)/keys
-       touch $(POLDI_CONF_DIRECTORY)/users
+       $(INSTALL) -d $(POLDI_CONF_DIRECTORY)/localdb/keys
+       install -m 644 -T $(top_srcdir)/conf/README.keys \
+         $(POLDI_CONF_DIRECTORY)/localdb/keys/README
+       if test -e $(POLDI_CONF_DIRECTORY)/localdb/users; then \
+               echo "$(POLDI_CONF_DIRECTORY)/localdb/users exists, doing nothing here"; \
+       else \
+               install -m 644 -T $(top_srcdir)/conf/users.skel \
+                  $(POLDI_CONF_DIRECTORY)/localdb/users; \
+       fi
+       if test -e $(POLDI_CONF_DIRECTORY)/poldi.conf; then \
+               echo "$(POLDI_CONF_DIRECTORY)/poldi.conf exists, doing nothing here"; \
+       else \
+               install -m 644 -T $(top_srcdir)/conf/poldi.conf.skel \
+                  $(POLDI_CONF_DIRECTORY)/poldi.conf; \
+       fi
+
+EXTRA_DIST = poldi.conf.skel users.skel README.keys
diff --git a/conf/README.keys b/conf/README.keys
new file mode 100644 (file)
index 0000000..b63bcc3
--- /dev/null
@@ -0,0 +1,13 @@
+(extracted from the Poldi Manual)
+
+This directory contains the "key database" for Poldis "local database"
+authentication method.  When Poldi needs the key belonging to a given
+smartcard serial number, it looks up a file in this directory whose
+name is exactly the serial number.
+
+Usually only the system administrator is able to modify this directory
+and thus establish the mapping between smartcards and keys.  But it
+might make sense for the administrator to make a file in this
+directory writable for a ordinary user as well, since this would allow
+that user to update his smartcard's key and adjust the mapping himself
+without bothering the admin.
diff --git a/conf/poldi.conf.skel b/conf/poldi.conf.skel
new file mode 100644 (file)
index 0000000..aa08924
--- /dev/null
@@ -0,0 +1,14 @@
+# This is the main configuration file of Poldi.
+
+# Specify authentication method:
+# (supported methods: localdb, x509)
+auth-method localdb
+
+# Specify the log file:
+log-file /home/moritz/logs/poldi.txt
+
+# Enable debugging messages
+debug
+
+# Specify SCDaemon executable
+scdaemon-program /usr/bin/scdaemon
diff --git a/conf/users.skel b/conf/users.skel
new file mode 100644 (file)
index 0000000..7ca3913
--- /dev/null
@@ -0,0 +1,13 @@
+# This is the database used by Poldis "local database" authentication
+# method.  Syntax of this file is:
+# 
+#   This file consists of entries - one entry per line.
+#   Entries are of the form: "<SERIALNO><WHITESPACES><USERNAME>\n"
+#   (without quotation marks and without angle brackets.  Allowed
+#   whitespaces are spaces and tabs.  <SERIALNO> is the serial number
+#   of an OpenPGP smartcard as reported by poldi-ctrl
+#   --print-serialno.  <USERNAME> is a valid username on the system.
+#   Comments are opened with "#" and terminated by a newline.
+#
+# So, a valid entry would look like:
+#   "D2760001240101010001000006550000  moritz"
diff --git a/config.rpath b/config.rpath
new file mode 100755 (executable)
index 0000000..c547c68
--- /dev/null
@@ -0,0 +1,666 @@
+#! /bin/sh
+# Output a system dependent set of variables, describing how to set the
+# run time search path of shared libraries in an executable.
+#
+#   Copyright 1996-2007 Free Software Foundation, Inc.
+#   Taken from GNU libtool, 2001
+#   Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996
+#
+#   This file is free software; the Free Software Foundation gives
+#   unlimited permission to copy and/or distribute it, with or without
+#   modifications, as long as this notice is preserved.
+#
+# The first argument passed to this file is the canonical host specification,
+#    CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or
+#    CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# The environment variables CC, GCC, LDFLAGS, LD, with_gnu_ld
+# should be set by the caller.
+#
+# The set of defined variables is at the end of this script.
+
+# Known limitations:
+# - On IRIX 6.5 with CC="cc", the run time search patch must not be longer
+#   than 256 bytes, otherwise the compiler driver will dump core. The only
+#   known workaround is to choose shorter directory names for the build
+#   directory and/or the installation directory.
+
+# All known linkers require a `.a' archive for static linking (except MSVC,
+# which needs '.lib').
+libext=a
+shrext=.so
+
+host="$1"
+host_cpu=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+host_vendor=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+host_os=`echo "$host" | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+# Code taken from libtool.m4's _LT_CC_BASENAME.
+
+for cc_temp in $CC""; do
+  case $cc_temp in
+    compile | *[\\/]compile | ccache | *[\\/]ccache ) ;;
+    distcc | *[\\/]distcc | purify | *[\\/]purify ) ;;
+    \-*) ;;
+    *) break;;
+  esac
+done
+cc_basename=`echo "$cc_temp" | sed -e 's%^.*/%%'`
+
+# Code taken from libtool.m4's AC_LIBTOOL_PROG_COMPILER_PIC.
+
+wl=
+if test "$GCC" = yes; then
+  wl='-Wl,'
+else
+  case "$host_os" in
+    aix*)
+      wl='-Wl,'
+      ;;
+    darwin*)
+      case $cc_basename in
+        xlc*)
+          wl='-Wl,'
+          ;;
+      esac
+      ;;
+    mingw* | cygwin* | pw32* | os2*)
+      ;;
+    hpux9* | hpux10* | hpux11*)
+      wl='-Wl,'
+      ;;
+    irix5* | irix6* | nonstopux*)
+      wl='-Wl,'
+      ;;
+    newsos6)
+      ;;
+    linux* | k*bsd*-gnu)
+      case $cc_basename in
+        icc* | ecc*)
+          wl='-Wl,'
+          ;;
+        pgcc | pgf77 | pgf90)
+          wl='-Wl,'
+          ;;
+        ccc*)
+          wl='-Wl,'
+          ;;
+        como)
+          wl='-lopt='
+          ;;
+        *)
+          case `$CC -V 2>&1 | sed 5q` in
+            *Sun\ C*)
+              wl='-Wl,'
+              ;;
+          esac
+          ;;
+      esac
+      ;;
+    osf3* | osf4* | osf5*)
+      wl='-Wl,'
+      ;;
+    rdos*)
+      ;;
+    solaris*)
+      wl='-Wl,'
+      ;;
+    sunos4*)
+      wl='-Qoption ld '
+      ;;
+    sysv4 | sysv4.2uw2* | sysv4.3*)
+      wl='-Wl,'
+      ;;
+    sysv4*MP*)
+      ;;
+    sysv5* | unixware* | sco3.2v5* | sco5v6* | OpenUNIX*)
+      wl='-Wl,'
+      ;;
+    unicos*)
+      wl='-Wl,'
+      ;;
+    uts4*)
+      ;;
+  esac
+fi
+
+# Code taken from libtool.m4's AC_LIBTOOL_PROG_LD_SHLIBS.
+
+hardcode_libdir_flag_spec=
+hardcode_libdir_separator=
+hardcode_direct=no
+hardcode_minus_L=no
+
+case "$host_os" in
+  cygwin* | mingw* | pw32*)
+    # FIXME: the MSVC++ port hasn't been tested in a loooong time
+    # When not using gcc, we currently assume that we are using
+    # Microsoft Visual C++.
+    if test "$GCC" != yes; then
+      with_gnu_ld=no
+    fi
+    ;;
+  interix*)
+    # we just hope/assume this is gcc and not c89 (= MSVC++)
+    with_gnu_ld=yes
+    ;;
+  openbsd*)
+    with_gnu_ld=no
+    ;;
+esac
+
+ld_shlibs=yes
+if test "$with_gnu_ld" = yes; then
+  # Set some defaults for GNU ld with shared library support. These
+  # are reset later if shared libraries are not supported. Putting them
+  # here allows them to be overridden if necessary.
+  # Unlike libtool, we use -rpath here, not --rpath, since the documented
+  # option of GNU ld is called -rpath, not --rpath.
+  hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+  case "$host_os" in
+    aix3* | aix4* | aix5*)
+      # On AIX/PPC, the GNU linker is very broken
+      if test "$host_cpu" != ia64; then
+        ld_shlibs=no
+      fi
+      ;;
+    amigaos*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_minus_L=yes
+      # Samuel A. Falvo II <kc5tja@dolphin.openprojects.net> reports
+      # that the semantics of dynamic libraries on AmigaOS, at least up
+      # to version 4, is to share data among multiple programs linked
+      # with the same dynamic library.  Since this doesn't match the
+      # behavior of shared libraries on other platforms, we cannot use
+      # them.
+      ld_shlibs=no
+      ;;
+    beos*)
+      if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+        :
+      else
+        ld_shlibs=no
+      fi
+      ;;
+    cygwin* | mingw* | pw32*)
+      # hardcode_libdir_flag_spec is actually meaningless, as there is
+      # no search path for DLLs.
+      hardcode_libdir_flag_spec='-L$libdir'
+      if $LD --help 2>&1 | grep 'auto-import' > /dev/null; then
+        :
+      else
+        ld_shlibs=no
+      fi
+      ;;
+    interix[3-9]*)
+      hardcode_direct=no
+      hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+      ;;
+    gnu* | linux* | k*bsd*-gnu)
+      if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+        :
+      else
+        ld_shlibs=no
+      fi
+      ;;
+    netbsd*)
+      ;;
+    solaris*)
+      if $LD -v 2>&1 | grep 'BFD 2\.8' > /dev/null; then
+        ld_shlibs=no
+      elif $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+        :
+      else
+        ld_shlibs=no
+      fi
+      ;;
+    sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX*)
+      case `$LD -v 2>&1` in
+        *\ [01].* | *\ 2.[0-9].* | *\ 2.1[0-5].*)
+          ld_shlibs=no
+          ;;
+        *)
+          if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+            hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-rpath,$libdir`'
+          else
+            ld_shlibs=no
+          fi
+          ;;
+      esac
+      ;;
+    sunos4*)
+      hardcode_direct=yes
+      ;;
+    *)
+      if $LD --help 2>&1 | grep ': supported targets:.* elf' > /dev/null; then
+        :
+      else
+        ld_shlibs=no
+      fi
+      ;;
+  esac
+  if test "$ld_shlibs" = no; then
+    hardcode_libdir_flag_spec=
+  fi
+else
+  case "$host_os" in
+    aix3*)
+      # Note: this linker hardcodes the directories in LIBPATH if there
+      # are no directories specified by -L.
+      hardcode_minus_L=yes
+      if test "$GCC" = yes; then
+        # Neither direct hardcoding nor static linking is supported with a
+        # broken collect2.
+        hardcode_direct=unsupported
+      fi
+      ;;
+    aix4* | aix5*)
+      if test "$host_cpu" = ia64; then
+        # On IA64, the linker does run time linking by default, so we don't
+        # have to do anything special.
+        aix_use_runtimelinking=no
+      else
+        aix_use_runtimelinking=no
+        # Test if we are trying to use run time linking or normal
+        # AIX style linking. If -brtl is somewhere in LDFLAGS, we
+        # need to do runtime linking.
+        case $host_os in aix4.[23]|aix4.[23].*|aix5*)
+          for ld_flag in $LDFLAGS; do
+            if (test $ld_flag = "-brtl" || test $ld_flag = "-Wl,-brtl"); then
+              aix_use_runtimelinking=yes
+              break
+            fi
+          done
+          ;;
+        esac
+      fi
+      hardcode_direct=yes
+      hardcode_libdir_separator=':'
+      if test "$GCC" = yes; then
+        case $host_os in aix4.[012]|aix4.[012].*)
+          collect2name=`${CC} -print-prog-name=collect2`
+          if test -f "$collect2name" && \
+            strings "$collect2name" | grep resolve_lib_name >/dev/null
+          then
+            # We have reworked collect2
+            :
+          else
+            # We have old collect2
+            hardcode_direct=unsupported
+            hardcode_minus_L=yes
+            hardcode_libdir_flag_spec='-L$libdir'
+            hardcode_libdir_separator=
+          fi
+          ;;
+        esac
+      fi
+      # Begin _LT_AC_SYS_LIBPATH_AIX.
+      echo 'int main () { return 0; }' > conftest.c
+      ${CC} ${LDFLAGS} conftest.c -o conftest
+      aix_libpath=`dump -H conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0  *\(.*\)$/\1/; p; }
+}'`
+      if test -z "$aix_libpath"; then
+        aix_libpath=`dump -HX64 conftest 2>/dev/null | sed -n -e '/Import File Strings/,/^$/ { /^0/ { s/^0  *\(.*\)$/\1/; p; }
+}'`
+      fi
+      if test -z "$aix_libpath"; then
+        aix_libpath="/usr/lib:/lib"
+      fi
+      rm -f conftest.c conftest
+      # End _LT_AC_SYS_LIBPATH_AIX.
+      if test "$aix_use_runtimelinking" = yes; then
+        hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+      else
+        if test "$host_cpu" = ia64; then
+          hardcode_libdir_flag_spec='${wl}-R $libdir:/usr/lib:/lib'
+        else
+          hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath"
+        fi
+      fi
+      ;;
+    amigaos*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_minus_L=yes
+      # see comment about different semantics on the GNU ld section
+      ld_shlibs=no
+      ;;
+    bsdi[45]*)
+      ;;
+    cygwin* | mingw* | pw32*)
+      # When not using gcc, we currently assume that we are using
+      # Microsoft Visual C++.
+      # hardcode_libdir_flag_spec is actually meaningless, as there is
+      # no search path for DLLs.
+      hardcode_libdir_flag_spec=' '
+      libext=lib
+      ;;
+    darwin* | rhapsody*)
+      hardcode_direct=no
+      if test "$GCC" = yes ; then
+        :
+      else
+        case $cc_basename in
+          xlc*)
+            ;;
+          *)
+            ld_shlibs=no
+            ;;
+        esac
+      fi
+      ;;
+    dgux*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      ;;
+    freebsd1*)
+      ld_shlibs=no
+      ;;
+    freebsd2.2*)
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      ;;
+    freebsd2*)
+      hardcode_direct=yes
+      hardcode_minus_L=yes
+      ;;
+    freebsd* | dragonfly*)
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      ;;
+    hpux9*)
+      hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+      hardcode_libdir_separator=:
+      hardcode_direct=yes
+      # hardcode_minus_L: Not really in the search PATH,
+      # but as the default location of the library.
+      hardcode_minus_L=yes
+      ;;
+    hpux10*)
+      if test "$with_gnu_ld" = no; then
+        hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+        hardcode_libdir_separator=:
+        hardcode_direct=yes
+        # hardcode_minus_L: Not really in the search PATH,
+        # but as the default location of the library.
+        hardcode_minus_L=yes
+      fi
+      ;;
+    hpux11*)
+      if test "$with_gnu_ld" = no; then
+        hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+        hardcode_libdir_separator=:
+        case $host_cpu in
+          hppa*64*|ia64*)
+            hardcode_direct=no
+            ;;
+          *)
+            hardcode_direct=yes
+            # hardcode_minus_L: Not really in the search PATH,
+            # but as the default location of the library.
+            hardcode_minus_L=yes
+            ;;
+        esac
+      fi
+      ;;
+    irix5* | irix6* | nonstopux*)
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      ;;
+    netbsd*)
+      hardcode_libdir_flag_spec='-R$libdir'
+      hardcode_direct=yes
+      ;;
+    newsos6)
+      hardcode_direct=yes
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      ;;
+    openbsd*)
+      if test -f /usr/libexec/ld.so; then
+        hardcode_direct=yes
+        if test -z "`echo __ELF__ | $CC -E - | grep __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then
+          hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+        else
+          case "$host_os" in
+            openbsd[01].* | openbsd2.[0-7] | openbsd2.[0-7].*)
+              hardcode_libdir_flag_spec='-R$libdir'
+              ;;
+            *)
+              hardcode_libdir_flag_spec='${wl}-rpath,$libdir'
+              ;;
+          esac
+        fi
+      else
+        ld_shlibs=no
+      fi
+      ;;
+    os2*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_minus_L=yes
+      ;;
+    osf3*)
+      hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      hardcode_libdir_separator=:
+      ;;
+    osf4* | osf5*)
+      if test "$GCC" = yes; then
+        hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+      else
+        # Both cc and cxx compiler support -rpath directly
+        hardcode_libdir_flag_spec='-rpath $libdir'
+      fi
+      hardcode_libdir_separator=:
+      ;;
+    solaris*)
+      hardcode_libdir_flag_spec='-R$libdir'
+      ;;
+    sunos4*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      hardcode_direct=yes
+      hardcode_minus_L=yes
+      ;;
+    sysv4)
+      case $host_vendor in
+        sni)
+          hardcode_direct=yes # is this really true???
+          ;;
+        siemens)
+          hardcode_direct=no
+          ;;
+        motorola)
+          hardcode_direct=no #Motorola manual says yes, but my tests say they lie
+          ;;
+      esac
+      ;;
+    sysv4.3*)
+      ;;
+    sysv4*MP*)
+      if test -d /usr/nec; then
+        ld_shlibs=yes
+      fi
+      ;;
+    sysv4*uw2* | sysv5OpenUNIX* | sysv5UnixWare7.[01].[10]* | unixware7* | sco3.2v5.0.[024]*)
+      ;;
+    sysv5* | sco3.2v5* | sco5v6*)
+      hardcode_libdir_flag_spec='`test -z "$SCOABSPATH" && echo ${wl}-R,$libdir`'
+      hardcode_libdir_separator=':'
+      ;;
+    uts4*)
+      hardcode_libdir_flag_spec='-L$libdir'
+      ;;
+    *)
+      ld_shlibs=no
+      ;;
+  esac
+fi
+
+# Check dynamic linker characteristics
+# Code taken from libtool.m4's AC_LIBTOOL_SYS_DYNAMIC_LINKER.
+# Unlike libtool.m4, here we don't care about _all_ names of the library, but
+# only about the one the linker finds when passed -lNAME. This is the last
+# element of library_names_spec in libtool.m4, or possibly two of them if the
+# linker has special search rules.
+library_names_spec=      # the last element of library_names_spec in libtool.m4
+libname_spec='lib$name'
+case "$host_os" in
+  aix3*)
+    library_names_spec='$libname.a'
+    ;;
+  aix4* | aix5*)
+    library_names_spec='$libname$shrext'
+    ;;
+  amigaos*)
+    library_names_spec='$libname.a'
+    ;;
+  beos*)
+    library_names_spec='$libname$shrext'
+    ;;
+  bsdi[45]*)
+    library_names_spec='$libname$shrext'
+    ;;
+  cygwin* | mingw* | pw32*)
+    shrext=.dll
+    library_names_spec='$libname.dll.a $libname.lib'
+    ;;
+  darwin* | rhapsody*)
+    shrext=.dylib
+    library_names_spec='$libname$shrext'
+    ;;
+  dgux*)
+    library_names_spec='$libname$shrext'
+    ;;
+  freebsd1*)
+    ;;
+  freebsd* | dragonfly*)
+    case "$host_os" in
+      freebsd[123]*)
+        library_names_spec='$libname$shrext$versuffix' ;;
+      *)
+        library_names_spec='$libname$shrext' ;;
+    esac
+    ;;
+  gnu*)
+    library_names_spec='$libname$shrext'
+    ;;
+  hpux9* | hpux10* | hpux11*)
+    case $host_cpu in
+      ia64*)
+        shrext=.so
+        ;;
+      hppa*64*)
+        shrext=.sl
+        ;;
+      *)
+        shrext=.sl
+        ;;
+    esac
+    library_names_spec='$libname$shrext'
+    ;;
+  interix[3-9]*)
+    library_names_spec='$libname$shrext'
+    ;;
+  irix5* | irix6* | nonstopux*)
+    library_names_spec='$libname$shrext'
+    case "$host_os" in
+      irix5* | nonstopux*)
+        libsuff= shlibsuff=
+        ;;
+      *)
+        case $LD in
+          *-32|*"-32 "|*-melf32bsmip|*"-melf32bsmip ") libsuff= shlibsuff= ;;
+          *-n32|*"-n32 "|*-melf32bmipn32|*"-melf32bmipn32 ") libsuff=32 shlibsuff=N32 ;;
+          *-64|*"-64 "|*-melf64bmip|*"-melf64bmip ") libsuff=64 shlibsuff=64 ;;
+          *) libsuff= shlibsuff= ;;
+        esac
+        ;;
+    esac
+    ;;
+  linux*oldld* | linux*aout* | linux*coff*)
+    ;;
+  linux* | k*bsd*-gnu)
+    library_names_spec='$libname$shrext'
+    ;;
+  knetbsd*-gnu)
+    library_names_spec='$libname$shrext'
+    ;;
+  netbsd*)
+    library_names_spec='$libname$shrext'
+    ;;
+  newsos6)
+    library_names_spec='$libname$shrext'
+    ;;
+  nto-qnx*)
+    library_names_spec='$libname$shrext'
+    ;;
+  openbsd*)
+    library_names_spec='$libname$shrext$versuffix'
+    ;;
+  os2*)
+    libname_spec='$name'
+    shrext=.dll
+    library_names_spec='$libname.a'
+    ;;
+  osf3* | osf4* | osf5*)
+    library_names_spec='$libname$shrext'
+    ;;
+  rdos*)
+    ;;
+  solaris*)
+    library_names_spec='$libname$shrext'
+    ;;
+  sunos4*)
+    library_names_spec='$libname$shrext$versuffix'
+    ;;
+  sysv4 | sysv4.3*)
+    library_names_spec='$libname$shrext'
+    ;;
+  sysv4*MP*)
+    library_names_spec='$libname$shrext'
+    ;;
+  sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*)
+    library_names_spec='$libname$shrext'
+    ;;
+  uts4*)
+    library_names_spec='$libname$shrext'
+    ;;
+esac
+
+sed_quote_subst='s/\(["`$\\]\)/\\\1/g'
+escaped_wl=`echo "X$wl" | sed -e 's/^X//' -e "$sed_quote_subst"`
+shlibext=`echo "$shrext" | sed -e 's,^\.,,'`
+escaped_libname_spec=`echo "X$libname_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+escaped_library_names_spec=`echo "X$library_names_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+escaped_hardcode_libdir_flag_spec=`echo "X$hardcode_libdir_flag_spec" | sed -e 's/^X//' -e "$sed_quote_subst"`
+
+LC_ALL=C sed -e 's/^\([a-zA-Z0-9_]*\)=/acl_cv_\1=/' <<EOF
+
+# How to pass a linker flag through the compiler.
+wl="$escaped_wl"
+
+# Static library suffix (normally "a").
+libext="$libext"
+
+# Shared library suffix (normally "so").
+shlibext="$shlibext"
+
+# Format of library name prefix.
+libname_spec="$escaped_libname_spec"
+
+# Library names that the linker finds when passed -lNAME.
+library_names_spec="$escaped_library_names_spec"
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec="$escaped_hardcode_libdir_flag_spec"
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator="$hardcode_libdir_separator"
+
+# Set to yes if using DIR/libNAME.so during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct="$hardcode_direct"
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L="$hardcode_minus_L"
+
+EOF
index 2063034..660f3d3 100644 (file)
@@ -1,5 +1,5 @@
 # configure.ac - Configure script for Poldi
-# Copyright (C) 2004, 2005 g10 Code GmbH
+# Copyright (C) 2004, 2005, 2007, 2008 g10 Code GmbH
 # 
 # This file is part of Poldi.
 #
@@ -24,13 +24,17 @@ min_automake_version="1.7.9"
 
 # Version number: Remember to change it immediately *after* a release.
 #                 Add a "-cvs" prefix for non-released code.
-AC_INIT(poldi, 0.4-cvs, gnupg-devel@gnupg.org)
+AC_INIT(poldi, 0.4, gnupg-devel@gnupg.org)
 
 PACKAGE=$PACKAGE_NAME
 VERSION=$PACKAGE_VERSION
 
 NEED_LIBGCRYPT_VERSION=0
 NEED_GPG_ERROR_VERSION=0.7
+
+NEED_KSBA_API=1
+NEED_KSBA_VERSION=1.0.2
+
        
 AC_CONFIG_SRCDIR(src/pam/pam_poldi.c)
 AM_CONFIG_HEADER(config.h)
@@ -51,21 +55,32 @@ AC_SUBST(PAM_MODULE_DIRECTORY)
 
 AC_GNU_SOURCE
 
-# Some status variables to give feedback at the end of a configure run
-#have_gpg_error=no
-#have_libgcrypt=no 
+have_gpg_error=no
+have_libgcrypt=no 
+have_ksba=no
 
+POLDI_ENABLE_FEATURE(enable_auth_x509, yes, x509-auth, support for X509 authentication)
+POLDI_ENABLE_FEATURE(enable_auth_localdb, yes, localdb-auth, support for local-db authentication)
 AC_SUBST(PACKAGE)
 AC_SUBST(VERSION)
 AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of this package])
 AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version of this package])
 AC_DEFINE_UNQUOTED(PACKAGE_BUGREPORT, "$PACKAGE_BUGREPORT",
                                         [Bug report address])
+AC_DEFINE_UNQUOTED(NEED_LIBGCRYPT_VERSION, "$NEED_LIBGCRYPT_VERSION",
+                                       [Required version of Libgcrypt])
+AC_DEFINE_UNQUOTED(NEED_KSBA_VERSION, "$NEED_KSBA_VERSION",
+                                       [Required version of Libksba])
+
 
 AH_BOTTOM([
-/* Tell the sources taken from GnuPG's SCD what header file they
-   should use. */
-#define GNUPG_SCD_MAIN_HEADER "scd.h"
+/* Setup the hardwired names of modules. */
+#ifndef GNUPG_DEFAULT_SCD
+#define GNUPG_DEFAULT_SCD    ( GNUPG_BINDIR "/scdaemon" )
+#endif
+#ifndef GNUPG_DEFAULT_DIRMNGR
+#define GNUPG_DEFAULT_DIRMNGR    ( GNUPG_BINDIR "/dirmngr" )
+#endif
 ])
 
 AM_MAINTAINER_MODE
@@ -81,6 +96,7 @@ AM_MISSING_PROG(AUTOHEADER, autoheader, $missing_dir)
 AM_MISSING_PROG(MAKEINFO, makeinfo, $missing_dir)
 AC_PROG_AWK
 AC_PROG_CC
+AM_PROG_CC_C_O
 AC_PROG_CPP
 AC_PROG_RANLIB
 AC_PROG_INSTALL
@@ -91,27 +107,14 @@ AC_SYS_LARGEFILE
 # Checks for libraries.
 #
 
-have_libgcrypt=no
 AM_PATH_LIBGCRYPT("$NEED_LIBGCRYPT_VERSION",
                   have_libgcrypt=yes,have_libgcrypt=no)
-
-have_gpg_error=no
 AM_PATH_GPG_ERROR("$NEED_GPG_ERROR_VERSION",
                   have_gpg_error=yes,have_gpg_error=no)
+AM_PATH_KSBA("$NEED_KSBA_API:$NEED_KSBA_VERSION",have_ksba=yes,have_ksba=no)
 
-
-#
-# libusb allows us to use the integrated CCID smartcard reader driver.
-#
-LIBUSB_LIBS=""
-AC_CHECK_LIB(usb, usb_bulk_write,
-             [ LIBUSB_LIBS="$LIBUSB_LIBS -lusb"
-               AC_DEFINE(HAVE_LIBUSB,1,
-               [defined if libusb is available])
-             ])
-AC_SUBST(LIBUSB_LIBS)
-AC_CHECK_FUNCS(usb_get_busses memicmp stpcpy strlwr strtoul memmove stricmp)
-AC_CHECK_FUNCS(fopencookie funopen)
+AC_CHECK_FUNCS(memicmp stpcpy strlwr strtoul memmove stricmp)
+AC_CHECK_FUNCS(fopencookie funopen nanosleep)
 
 # Checks for header files.
 AC_HEADER_STDC
@@ -164,8 +167,55 @@ if test "$GCC" = yes; then
 fi
 
 # We use jnlib, so tell other modules about it
-AC_DEFINE(HAVE_JNLIB_LOGGING, 1,
-         [Defined if jnlib style logging fucntions are available])
+#AC_DEFINE(HAVE_JNLIB_LOGGING, 1,
+#         [Defined if jnlib style logging fucntions are available])
+# Disabled, since we don't use jnlib anymore.
+
+#
+# Taken from libassuan source package
+#
+
+#AC_DEFINE(HAVE_DOSISH_SYSTEM,0,[We do not run here])
+#AC_UNDEFINE(HAVE_W32_SYSTEM),0, [We do not run here])
+AC_CHECK_HEADERS([string.h locale.h sys/uio.h])
+AC_TYPE_SIGNAL
+#AC_DEFINE(USE_DESCRIPTOR_PASSING, 0, [We do not need this feature])
+AC_REPLACE_FUNCS(setenv)
+# Check for funopen
+AC_CHECK_FUNCS(funopen)
+if test $ac_cv_func_funopen != yes; then
+    # No funopen but we can implement that in terms of fopencookie.
+    AC_CHECK_FUNCS(fopencookie)
+    if test $ac_cv_func_fopencookie = yes; then
+        AC_LIBOBJ([funopen])
+    else
+        AC_MSG_WARN([
+***
+*** No implementation of fopencookie or funopen available.
+*** The assuan_get_data_fp feature won't work.
+***])
+    fi
+fi
+
+# NLS:
+AM_GNU_GETTEXT([external])
+
+#
+# Decide what to build
+#
+
+if test $have_ksba = no; then
+  enable_auth_x509=no
+fi
+AM_CONDITIONAL(AUTH_METHOD_X509, test "$enable_auth_x509" = "yes")
+AM_CONDITIONAL(AUTH_METHOD_LOCALDB, test "$enable_auth_localdb" = "yes")
+
+if test "$enable_auth_x509" = "yes"; then
+   AC_DEFINE(ENABLE_AUTH_METHOD_X509, 1, [Enable X509 authentication method])
+fi
+if test "$enable_auth_localdb" = "yes"; then
+   AC_DEFINE(ENABLE_AUTH_METHOD_LOCALDB, 1, [Enable local-db authentication method])
+fi
 
 #
 # Print errors here so that they are visible all
@@ -192,6 +242,15 @@ if test "$have_libgcrypt" = "no"; then
 *** (at least version $NEED_LIBGCRYPT_VERSION is required.)
 ***]])
 fi
+if test "$have_ksba" = "no"; then
+   AC_MSG_NOTICE([[
+***
+*** libksba not found, building with X.509 authentication support.
+*** libksba can be retrieved from:
+***   URL FIXME
+*** (at least version $NEED_KSBA_VERSION (API $NEED_KSBA_API) is required).
+***]])
+fi
 if test "$die" = "yes"; then
     AC_MSG_ERROR([[
 ***
@@ -201,13 +260,21 @@ if test "$die" = "yes"; then
 fi
 
 AC_CONFIG_FILES([Makefile
-                doc/Makefile
+                po/Makefile.in
+                m4/Makefile
+                am/Makefile
                 src/Makefile
-                src/jnlib/Makefile
-                src/libscd/Makefile
-                src/common/Makefile
-                src/pam/Makefile
+                src/assuan/Makefile
+                src/util/Makefile
+                src/scd/Makefile
                 src/ctrl/Makefile
+                src/pam/Makefile
+                src/pam/auth-support/Makefile
+                src/pam/auth-method-localdb/Makefile
+                src/pam/auth-method-x509/Makefile
+                doc/Makefile
+                tests/Makefile
+                tools/Makefile
                 conf/Makefile])
 AC_OUTPUT
 
@@ -221,3 +288,13 @@ if test "$PAM_MODULE_DIRECTORY" = "$DEFAULT_PAM_MODULE_DIRECTORY"; then
 else
   AC_MSG_NOTICE([PAM module installation directory: $PAM_MODULE_DIRECTORY])
 fi
+
+echo "
+        Poldi v${VERSION} has been configured as follows:
+
+        installation directory for PAM module: $PAM_MODULE_DIRECTORY
+        
+             X509 authentication: $enable_auth_x509
+         local-db authentication: $enable_auth_localdb
+
+"
index d7cfbb2..0134a3a 100644 (file)
@@ -1,3 +1,20 @@
+2008-04-20  Moritz  <moritz@gnu.org>
+
+       * poldi.texi: Several smaller fixes.
+
+2008-04-13  Moritz  <moritz@gnu.org>
+
+       * poldi.texi: Many improvements (primarily in respect to X509
+       auth).
+
+2008-04-05  Moritz  <moritz@gnu.org>
+
+       * poldi.tex: Updated and improved.
+
+2008-01-04  Moritz Schulte  <moritz@gnu.org>
+
+       * poldi.texi: Started with a major reorganization of this manual.
+
 2006-01-09  Moritz Schulte  <moritz@g10code.com>
 
        * poldi.texi: Mention kdm.
index 881782e..83d2700 100755 (executable)
@@ -1,9 +1,10 @@
 #!/bin/sh
 # Get modification time of a file or directory and pretty-print it.
 
-scriptversion=2004-12-08.12
+scriptversion=2007-03-30.02
 
-# Copyright (C) 1995, 1996, 1997, 2003, 2004 Free Software Foundation, Inc.
+# Copyright (C) 1995, 1996, 1997, 2003, 2004, 2005, 2007 Free Software
+# Foundation, Inc.
 # written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, June 1995
 #
 # This program is free software; you can redistribute it and/or modify
@@ -18,7 +19,7 @@ scriptversion=2004-12-08.12
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software Foundation,
-# Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
 
 # As a special exception to the GNU General Public License, if you
 # distribute this file as part of a program that contains a
@@ -42,11 +43,11 @@ Pretty-print the modification time of FILE.
 
 Report bugs to <bug-automake@gnu.org>.
 EOF
-    exit 0
+    exit $?
     ;;
   -v | --v*)
     echo "mdate-sh $scriptversion"
-    exit 0
+    exit $?
     ;;
 esac
 
@@ -58,7 +59,15 @@ export LC_ALL
 LC_TIME=C
 export LC_TIME
 
-save_arg1="$1"
+# GNU ls changes its time format in response to the TIME_STYLE
+# variable.  Since we cannot assume `unset' works, revert this
+# variable to its documented default.
+if test "${TIME_STYLE+set}" = set; then
+  TIME_STYLE=posix-long-iso
+  export TIME_STYLE
+fi
+
+save_arg1=$1
 
 # Find out how to get the extended ls output of a file or directory.
 if ls -L /dev/null 1>/dev/null 2>&1; then
@@ -66,6 +75,10 @@ if ls -L /dev/null 1>/dev/null 2>&1; then
 else
   ls_command='ls -l -d'
 fi
+# Avoid user/group names that might have spaces, when possible.
+if ls -n /dev/null 1>/dev/null 2>&1; then
+  ls_command="$ls_command -n"
+fi
 
 # A `ls -l' line looks as follows on OS/2.
 #  drwxrwx---        0 Aug 11  2001 foo
@@ -80,7 +93,7 @@ fi
 # words should be skipped to get the date.
 
 # On HPUX /bin/sh, "set" interprets "-rw-r--r--" as options, so the "x" below.
-set x`ls -l -d /`
+set x`$ls_command /`
 
 # Find which argument is the month.
 month=
@@ -107,13 +120,32 @@ do
 done
 
 # Get the extended ls output of the file or directory.
-set x`eval "$ls_command \"\$save_arg1\""`
+set dummy x`eval "$ls_command \"\$save_arg1\""`
 
 # Remove all preceding arguments
 eval $command
 
-# Get the month.  Next argument is day, followed by the year or time.
-case $1 in
+# Because of the dummy argument above, month is in $2.
+#
+# On a POSIX system, we should have
+#
+# $# = 5
+# $1 = file size
+# $2 = month
+# $3 = day
+# $4 = year or time
+# $5 = filename
+#
+# On Darwin 7.7.0 and 7.6.0, we have
+#
+# $# = 4
+# $1 = day
+# $2 = month
+# $3 = year or time
+# $4 = filename
+
+# Get the month.
+case $2 in
   Jan) month=January; nummonth=1;;
   Feb) month=February; nummonth=2;;
   Mar) month=March; nummonth=3;;
@@ -128,7 +160,10 @@ case $1 in
   Dec) month=December; nummonth=12;;
 esac
 
-day=$2
+case $3 in
+  ???*) day=$1;;
+  *) day=$3; shift;;
+esac
 
 # Here we have to deal with the problem that the ls output gives either
 # the time of day or the year.
index 245b9cb..f7fd8e7 100644 (file)
@@ -1,5 +1,5 @@
 \input texinfo                  @c -*- Texinfo -*-
-@c Copyright (C) 2000, 2002, 2003, 2004, 2005 Free Software Foundation, Inc.
+@c Copyright (C) 2000, 2002, 2003, 2004, 2005, 2007, 2008 Free Software Foundation, Inc.
 @c 
 @c This file is part of Poldi.
 @c
@@ -23,9 +23,9 @@
 This file documents `Poldi'.
 
 This is Edition @value{EDITION}, last updated @value{UPDATED}, of
-@cite{The `Poldi Reference Manual}, for Version @value{VERSION}.
+@cite{The Poldi Manual}, for Version @value{VERSION}.
 
-Copyright @copyright{} 2004, 2005 g10 Code GmbH.
+Copyright @copyright{} 2004, 2005, 2006, 2007, 2008 g10 Code GmbH.
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU General Public License as published by the
@@ -35,9 +35,7 @@ section entitled ``Copying''.
 @end ifinfo
 
 @titlepage
-@center @titlefont{The `Poldi'}
-@sp 1
-@center @titlefont{Reference Manual}
+@center @titlefont{The Poldi Manual}
 @sp 6
 @center Edition @value{EDITION}
 @sp 1
@@ -46,7 +44,7 @@ section entitled ``Copying''.
 @center for version @value{VERSION}
 @page
 @vskip 0pt plus 1filll
-Copyright @copyright{} 2004, 2005 g10 Code GmbH.
+Copyright @copyright{} 2004, 2005, 2006, 2007, 2008 g10 Code GmbH.
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU General Public License as published by the
@@ -62,10 +60,10 @@ section entitled ``Copying''.
 @node Top
 @top Main Menu
 This is Edition @value{EDITION}, last updated @value{UPDATED}, of
-@cite{The `Poldi Reference Manual}, for Version
+@cite{The Poldi Manual}, for Version
 @value{VERSION} of Poldi.
 
-Copyright @copyright{} 2004, 2005 g10 Code GmbH.
+Copyright @copyright{} 2004, 2005, 2006, 2007, 2008 g10 Code GmbH.
 
 Permission is granted to copy, distribute and/or modify this document
 under the terms of the GNU General Public License as published by the
@@ -76,224 +74,483 @@ section entitled ``Copying''.
 @end ifnottex
 
 @menu
-* Introduction::                 What is Poldi
-* Using Poldi::                  Using Poldi
-* Applications::                 Notes on applications
-
-Appendices
+* Overview::
+* Authentication methods::
+* Installation from Source::
+* Configuration::
+* Configuration Example::
+* Testing::
+* Notes on Applications::
 * Copying::                     The GNU General Public License
 
-@detailmenu
- --- The Detailed Node Listing ---
-Introduction
-* Overview::                    Overview
-* Building::                    Building Poldi
-@end detailmenu
+@c @detailmenu
+@c  --- The Detailed Node Listing ---
+@c * Overview::                    Overview
+@c * Building::                    Building Poldi
+@c @end detailmenu
 
 @end menu
 
-@node Introduction
-@chapter Introduction
+@node Overview
+@chapter Overview
 
-@menu
-* Overview::                    Overview
-* Building::                    Building Poldi
-* Installing::                  Installing Poldi
-@end menu
+Poldi is a PAM module implementing challenge/response based
+authentication through the OpenPGP smartcard
+(http://www.g10code.de/p-card.html).  It makes use of several GnuPG
+components (Libgcrypt, Assuan, Scdaemon, Dirmngr) and currently supports two
+authentication methods:
 
-@node Overview
-@section Overview
+@table @asis
+@item ``local-database'' authentication method
 
-Poldi is package consisting of a PAM module (pam_poldi) and a CLI
-program (poldi-ctrl) , which implement authentication via OpenPGP
-smartcards (http://www.g10code.de/p-card.html).
+This method establishs the mapping between user accounts and
+smartcards through a locally administered database.
 
-@node Building
-@section Building
+@item ``X509'' authentication
 
-Building Poldi should be pretty straightforward; Poldi depends on the
-following packages: Libgcrypt, Libgpg-error.
+This method uses the PKI infrastructure provided by Dirmngr for
+validating certificates.  OpenPGP smartcards are associated with X509
+certificates through the smartcard's ``url'' field; the user account
+name to use for authentication is extracted from the certificate.
+@end table
 
-Details on the build procedure can be found in the file ``INSTALL''.  At
-least one configure switch should be set:
-@code{--with-pam-module-directory}, which specifies the installation
-directory for PAM modules.
+This manual is primarily intended for system administrators interested
+in setting up authentication through PAM Poldi.
 
-@node Installing
-@section Installing
+@node Authentication methods
+@chapter Authentication methods
 
-Installing Poldi should not require more than an invocation of the
-``install'' make target.
+This chapter explains the supported authentication methods in detail.
 
-Poldi requires some directories beneath `SYSCONFDIR/poldi', which is
-usually equal to `PREFIX/etc/poldi'.
+@menu
+* Local-database authentication::
+* X509 authentication::
+@end menu
 
-The directories can be created manually or through the
-`install-conf-skeleton' make target.
+@node Local-database authentication
+@section Local-database authentication
 
-@node Using Poldi
-@chapter Using Poldi
+The login process through local database authentication consists
+essentially of three parts: looking up the smartcards key on the local
+computer, figuring out the desired identity for the login and finally
+doing challenge/response authentication against the local key.
 
-In this chapter you will find information on the correct configuration
-and Usage of Poldi.
+Poldi maintains a database, which associates local user accounts with
+smartcards (through their serial number).  There are little
+restrictions in respect to the mapping of users and smartcards: one
+smartcard can be associated with many users and one user can be
+associated with many smartcards.
 
-@menu
-* Configuration::               Configuring Poldi
-* Access control::              How to setup Poldi for authentication
-* Example::                     Example
-* Testing::                     Testing basic functionality
-@end menu
+The public keys are stored in files in a subdirectory named
+``keys''. The files are named after the card serial numbers and must
+contain the public key as a single S-Expression as it is printed out
+by poldi-ctrl.
+
+The mapping between keys and Unix accounts is to be established by
+adding appropriate entries to the user database file named ``users''.
+Such an entry is of the following form:
+
+@example
+<card serial number> <white space(s)> <account>.
+@end example
+
+@node X509 authentication
+@section X509 authentication
+
+With X509 authentication smartcards need to be associated with X509
+certicates.  This mapping is to be established through the ``url''
+field on the OpenPGP smartcard.  The url field is expected to hold
+either a valid LDAP url (``ldap://...'') or a file url
+(``file:///...'').  After a certificate has been successfuly looked
+up, it is validated through Dirmngr and a challenge-response
+authentication is triggered against the smartcard.  The mapping
+between smartcards and local accounts is established through the list
+of email addresses contained in the certificate.  Through the
+configuration file, Poldi is informed about the ``X509 domain'' to
+use.  This domain is used when looking through the list of email
+addresses for the local username on the system. Note: semantics might
+change.
+
+To illustrate this with an example: lets assume a user is trying to
+authenticate himself trough Poldi's X509 method.  Poldi looks up the
+url field of the user's smartcard and retrieves his X509 certificate.
+The certificate contains two e-mail addresses: ``<dude@@example.com>''
+and ``<fry@@gnupg.org>''.  Since the administrator set the ``X509
+domain'' to ``gnupg.org'' in Poldi's configuration file, Poldi will
+pick out the address ``fry@@gnupg.org'' and (after succesful
+challenge-response authentication) will let the user login as ``fry''.
+
+@node Installation from Source
+@chapter Installation from Source
+
+Building and installing Poldi from source should be pretty
+straightforward, since it uses the GNU autotools.  Build- and runtime
+dependencies may vary with the enabled authentication methods.
+
+Independent from enabled authentication methods, Poldi depends on
+Libgpg-error, Libgcrypt, Libassuan, Scdaemon and of course Libpam.
+
+The ``X509'' authentication method additionaly has a build-time
+dependency on libksba and requires Dirmngr to be properly setup at
+runtime.  The ``local database'' authentication method has no
+additional requirements.
+
+Details on the building procedure can be found in the file
+``INSTALL''.
+
+At least one configure switch should be set:
+@code{--with-pam-module-directory}, which specifies the installation
+directory for PAM modules.  Alternatively one can copy the built PAM
+module (named ``pam_poldi.so'') to the correct place manually.
+
+For building the Poldi package, ``make'' needs to be invoked.
+
+Installing Poldi works by invoking the ``install'' make target.  As
+noted before, special care must be taken so that the PAM module ends up
+in the correct place.
+
+Poldi requires some directories beneath `SYSCONFDIR/poldi', which is
+usually equal to `PREFIX/etc/poldi'. These directories can be created
+manually or through the `install-conf-skeleton' make target.
 
 @node Configuration
-@section Configuration
+@chapter Configuration
 
-All configuration files of Poldi are stored beneath
+Poldi can be configured through configuration files and through PAM
+arguments.  All configuration files of Poldi are stored beneath
 ``@code{sysconfdir}/poldi''.
 
 Poldi's main configuration file is
-``@code{sysconfdir}/poldi/poldi.conf''.  The syntax of this
+``@code{sysconfdir}/poldi/poldi.conf''.  The syntax of Poldi's
 configuration file is identical to the one used by several other GnuPG
-components; options, and their values, are written next each other,
+components; options and their values are written next to each other,
 seperated by a whitespace - one such configuration item per line.
 
-Poldi supports the following options:
+Poldi supports the following authentication method independent
+options, which can be specified in the main configuration file and in
+the PAM configuration files as arguments to the Poldi PAM module (with
+standard doubledash notation).
 
 @table @code
-@item ctapi-driver <driver name>
-@item pcsc-driver <driver name>
-@item reader-port <reader port>
-@item disable-ccid
-@item disable-opensc
-@item debug-ccid-driver
-@item logfile
+@item logfile FILENAME
+Specify the file to use for log messages.
+@item auth-method AUTH-METHOD
+Specify the authentication method to use.  May be either ``localdb
+or ``x509''.
+@item debug
+Enable debugging messages.
 @end table
 
-The semantics used by Poldi in respect to choosing a default card
-driver and handling of the card driver specific options should match
-those of scdaemon.
+Further configuration depends on the authentication method to use.
 
-@node Access control
-@section Access control
+@menu
+* Configuration for ``local-database'' authentication::
+* Configuration for ``X509'' authentication::
+@end menu
 
-In order for a user to be able to authenticate himself through Poldi,
-several preconditions must be satisfied:
+@node Configuration for ``local-database'' authentication
+@section Configuration for ``local-database'' authentication
 
-@table @asis
-@item the smartcard in question needs to be introduced to Poldi
-@item the smartcard's key must be installed
-@item the user must be associated with the smartcard
+For the local-database authentication method additional configuration
+is required.  All local-database specific configuration files are
+stored in the subdirectory ``localdb'':
+
+@table @code
+@item File: users
+This file contains the mapping between smartcard serial numbers and
+local usernames.  Syntax: this file consists of entries - one entry
+per line.  Entries are of the form:
+"<SERIALNO><WHITESPACES><USERNAME>\n" (without quotation marks and
+without angle brackets.  Allowed whitespaces are spaces and tabs.
+<SERIALNO> is the serial number of an OpenPGP smartcard as reported by
+poldi-ctrl --print-serialno.  <USERNAME> is a valid username on the
+system.  Comments are opened with "#" and terminated by a newline.
+
+@item Directory: keys
+
+This directory contains the "key database" for Poldis "local database"
+authentication method.  When Poldi needs the key belonging to a given
+smartcard serial number, it looks up a file in this directory whose
+name is exactly the serial number.
+
+Usually only the system administrator is able to modify this directory
+and thus establish the mapping between smartcards and keys.  But it
+might make sense for the administrator to make a file in this
+directory writable for a ordinary user as well, since this would allow
+that user to update his smartcard's key and adjust the mapping himself
+without bothering the admin.
 @end table
 
-@table @asis
 
-@item Smartcard management:
+@node Configuration for ``X509'' authentication
+@section Configuration for ``X509'' authentication
 
-Poldi manages a list of ``registered'' smartcards.  Each registered
-smartcard is associated with exactly one key.
+In case X509 authentication is enabled, Poldi tries to parse another
+configuration file, namely ``poldi-x509.conf''.  The following
+configuration options are supported for this configuration file:
 
-Smartcard registration/unregistration needs to be done by a user having
-write access to Poldi's key directory, which is stored beneath
-SYSCONFDIR/poldi by default.  Therefore the system administrator is
-usually the only user able to register/unregister smartcards in case
-Poldi is installed globally in the system.
+@table @code
+@item dirmngr-socket FILENAME
+Specify the socket to be used for communication with Dirmngr.
 
-It might be desired to allow a user who is not the system administrator
-to install or update the key of his smartcard.  In this case, the
-appropriate user needs to be specified during card registration.
+@item x509-domain STRING
+Specify the X509 domain, which is simply a suffix required for
+recognizing email addresses contained in user certificates as
+belonging to the system on which authentication happens.
+@end table
 
-@item Key setup:
+@node Configuration Example
+@chapter Configuration Example
 
-After a smartcard has been registered, it's key needs to be installed in
-order to allow authentication with the given card.
+@menu
+* Example for ``local-database'' authentication::
+* Example for ``X509'' authentication::
+@end menu
 
-@item Associating a user with a card:
+@node Example for ``local-database'' authentication
+@section Example for ``local-database'' authentication
 
-Poldi manages a ``user database'', which is used for associating users
-with smartcards.  There are no quantitative restrictions in respect to
-the mapping of users and smartcards: on smartcard can be associated with
-many users and one user can be associated with many smartcards.
+Lets assume a new installation of Poldi into the root filesystem,
+having configuration files stored beneath /etc/poldi. The user
+``moritz'', who got an OpenPGP card with the serial number
+``D2760001240101010001000006550000, would like to authenticate himself
+through Poldi.
 
-@item Details:
+First, the system administrator has to associate the user moritz with
+the card's serial number:
 
-The public keys are stored in files beneath the directory
-``keys''. which are named after the card serial numbers.  These files
-must contain the public key as a single S-Expression.
+@example
+$ echo "D2760001240101010001000006550000 moritz" >> /etc/poldi/localdb/users
+@end example
 
-The mapping between keys and Unix accounts is to be established by
-adding appropriate entries to the user database file named ``users''.
-Such an entry has to be of the following form:
+Second, the system administrator needs to write the card's key into a
+card-specific key file.  Therefore he inserts Moritz' smartcard and
+executes:
 
-<card serial number> <white space(s)> <account>.
+@example
+$ poldi-ctrl --print-key > /etc/poldi/localdb/keys/D2760001240101010001000006550000
+@end example
+
+The administrator wants to allow Moritz to update his card's key
+himself; he/she types:
+
+@example
+$ chown moritz /etc/poldi/localdb/keys/D2760001240101010001000006550000
+@end example
+
+That's it.
+
+@node Example for ``X509'' authentication
+@section Example for ``X509'' authentication
+
+Setting up X509 authentication is more complicated than setting up
+localdb authentication, since more components are involved.  This
+sections tries to explain the basic steps.
+
+When using localdb authentication, all we need is a list of keys on
+the system, against which the challenge-response authentication is
+done.  For X509 authentication we need to:
 
+@table @asis
+@item ... create X509 certificates
+one per smartcard, issued by a certificate authority trusted by Dirmngr
+@item ... setup the smartcards
+so that they ``point'' to ``their'' certificates
+@item ... run Dirmngr
+making it listen on a specific socket
+@item ... setup Poldi
+specifying Dirmngr's socket and the ``X509 domain'' in poldi-x509.conf.
+@end table
+
+Lets assume we don't have a certificate authority yet.  For the CA
+administration one needs a CA program, like OpenSSL.  It can either be
+used directly or through a GUI frontend like ``Tiny CA''.
+
+FIXME: explain situation/goal (x509_domain).
+
+Step 1: Create a CA.  I created my test CA with the following
+settings:
+
+@table @asis
+@item Common Name: Fnord Inc CA
+@item Country Name: DE
+@item Organization Name: Fnord Inc
+@item Organizational Unit: Testing
 @end table
 
-@node Example
-@section Example
+The other options required are rather self-explanitory.  After CA
+creation, we need to generate a signing request.  For this,
+gpgsm-gencert.sh can be used (after inserting the users smartcard and
+running gpg-agent):
+
+@example
+$ gpgsm-gencert.sh
+Key type
+ [1] RSA
+ [2] Existing key
+ [3] Direct from card
+Your selection: 3
+You selected: Direct from card
+Card with S/N D2760001240101010001000006550000 found
+gpg-agent uses OPENPGP.3 as ssh key
+Select key 
+ [1] OPENPGP.1
+ [2] OPENPGP.2
+ [3] OPENPGP.3
+ [4] back
+Your selection: 3
+You selected: OPENPGP.3
+Key usage
+ [1] sign, encrypt
+ [2] sign
+ [3] encrypt
+Your selection: 2
+You selected: sign
+Name (DN)
+> CN=Moritz Schulte
+E-Mail addresses (end with an empty line)
+> Moritz.Schulte@@rub.de
+E-Mail addresses (end with an empty line)
+> 
+DNS Names (optional; end with an empty line)
+> 
+URIs (optional; end with an empty line)
+> 
+Parameters for certificate request to create:
+     1  Key-Type: card:OPENPGP.3
+     2  Key-Length: 
+     3  Key-Usage: sign
+     4  Name-DN: CN=Moritz Schulte
+     5  Name-Email: Moritz.Schulte@@rub.de
+
+Really create such a CSR?
+ [1] yes
+ [2] no
+Your selection: 1
+You selected: yes
+gpgsm: certificate request created
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBnjCCAQcCAQAwGTEXMBUGA1UEAxMOTW9yaXR6IFNjaHVsdGUwgaEwDQYJKoZI
+hvcNAQEBBQADgY8AMIGLAoGBALjl58iz5T59otx5e6G2NMujUj949QAMLqYXL2Gw
+bugmlkY8eDQ4Gd1S1fKBXCbGQrZ1D+M8mMdqjLInI4BK9DxBBq7X91YonuJdR1WS
+6tSIYudMV0UoonbAyksB0zM2SatWz6roD8KgX8cPJbKgKlOmZ4VZGGa0GVayHaEE
+fQuDAgUA6o2s+aBDMEEGCSqGSIb3DQEJDjE0MDIwIAYDVR0RBBkwF4EVTW9yaXR6
+LlNjaHVsdGVAcnViLmRlMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0BAQUFAAOB
+gQCpRvQK2gV0rjFK4+H7/rBgUZvA5L89tz3vlWSgXwCVqTewgPMKYmFYXViGobti
+c4laXQuGGqnCjmakbcs5/2Mt13bSTAaTOtfyzWZp+LwVtl8xwR9w/PbbsWyjKwnW
+9H/jfXaKtyoLQgyUyK3cplPw0jW8bqC/t6zQcHe0YMYfPA==
+-----END CERTIFICATE REQUEST-----
+$ 
+@end example
+
+Import the new certificate signing request in your CA and sign it,
+yielding a new client certificate.  A note on Tiny CA: the program
+defaults FIXME mail address.
+
+Export both, the CA certificate and the client certificate, in DER
+format.  Export a certificate revocation list (CRL) for your CA in DER
+format.
 
-The user ``bender'', who got a OpenPGP card with the serial number
-``D2760001240101000001000000CF0000'', would like to authenticate himself
-through Poldi.  Neither the card, nor the user is already known to
-Poldi.
+Step 2: Setup OpenPGP smartcard
 
-First, the system administrator has to register the new card for Poldi:
+The OpenPGP smartcard is not a ``real'' PKCS#XYZ (FIXME?) smartcard -
+it cannot store X509 certificates.  So instead of ``uploading'' the
+certificate to the smartcard, we write an URL to the card, through
+which the complete certificate can be retrieved.  Simply fill the
+smartcard's ``url'' field with either a ``ldap://'' or a ``file://''
+URL, pointing to the certificate.  For LDAP urls to work, the
+certificate must be stored on a LDAP server and Dirmngr must be
+configured to use that LDAP server.  For testing, one can simply
+specify ``file:///some/where/cert-exported-from-ca.crt''.  Editing the
+card's data fields is to be done through GnuPG:
 
 @example
-$ poldi-ctrl --register-card --serialno D2760001240101000001000000CF0000
+$ gpg --card-edit # (or gpg2)
 @end example
 
-If bender should be able to install or update his card's key himself,
-the following can be used:
+Step 3: Setup Dirmngr.
 
+For debugging purposes it is usually a good idea to add:
 @example
-$ poldi-ctrl --register-card --account bender --serialno D2760001240101000001000000CF0000
+debug-all
+log-file /some/where/dirmngr.log
 @end example
 
-Now, after the card has been registered, a mapping needs to be
-established between the user ``bender'' and the smartcard he owns:
+to dirmngr.conf.
+
+Drop the exported CA certificate in Dirmngr's ``trusted-certs''
+directory.
+
+Now, run Dirmngr:
 
 @example
-$ poldi-ctrl --associate --account bender --serialno D2760001240101000001000000CF0000
+$ eval $(dirmngr --socket /some/where/dirmngr.S --daemon)
 @end example
 
-Now, bender has to write the public key of his OpenPGP card into the
-appropriate key file:
+and inform it about the CRL:
 
 @example
-$ poldi-ctrl --set-key
+$ dirmngr-client --load-crl previously-saved-crl.der
 @end example
 
-That's it.
+Check Dirmngr's log file for any errors.
 
-@node Testing
-@section Testing
+Step 4: Configure Poldi.
 
-After configuring Poldi properly, basic functionality should be tested
-prior to integrating the PAM module into the system.
+Obviously, in the main configuration file poldi.conf, we need:
 
-In order to test basic card access, poldi-ctrl can be used as follows
-to dump information read from the card:
+@example
+auth-method x509
+@end example
+
+Again, it's a very good idea to also add:
 
 @example
-$ poldi-ctrl --dump
+debug
+log-file /some/where/poldi.og
 @end example
 
-After verifying the correct interaction with the card, poldi-ctrl
-should be used to simulate an authentication mechanism:
+Add the following to ``poldi-x509.conf'':
 
 @example
-$ poldi-ctrl --test
+dirmngr-socket /some/where/dirmngr.S # the socket name previously specified
+x509-domain example.com
 @end example
 
-If this works as well, Poldi should be ready for integration into the
-PAM system.
+Now, things should be ready for trying authentication.
+
+@node Testing
+@chapter Testing
+
+Authentication through Poldi should be tested before activating the
+module.  For this purpose, the Poldi package includes a simple program
+named ``pam-test'', which is suitable for testing PAM authentication.
+
+@menu
+* The pam-test program::
+@end menu
+
+@node The pam-test program
+@section The pam-test program
+
+pam-test is a small program suitable for testing PAM authentication,
+without any Poldi specific aspects.  Synopsis:
+
+@example # FIXME
+pam-test [options] <service name>
+@end example
+
+The program accepts the following options: FIXME.
+
 
-@node Applications
-@chapter Applications
+@node Notes on Applications
+@chapter Notes on Applications
 
-Generally speaking, all applications containing a decent PAM integration
-should work flawlessly in combination with Poldi.  Sadly, there are
-applications out there, which do not use PAM as they should.  Therefore,
-they might work not too well in case they are configured to use Poldi.
+Generally speaking, all applications containing a decent PAM
+integration should work flawlessly in combination with Poldi.  Sadly,
+there are applications out there, which do not use PAM correctly.
+Therefore, they might work not too well in case they are configured to
+use Poldi.
 
 This chapter attempts to list the most common problems or useful hints
 in respect to popular applications.
@@ -301,7 +558,7 @@ in respect to popular applications.
 When applications still ask for e.g. a username although Poldi is
 activated for that application, it might be the case that other
 authentication modules, which trigger this kind of user interaction, are
-run prior to Poldi.
+configured to run prior to Poldi.
 
 @menu
 * login::
index c93912a..d2b264d 100644 (file)
@@ -3,16 +3,16 @@
 % Load plain if necessary, i.e., if running under initex.
 \expandafter\ifx\csname fmtname\endcsname\relax\input plain\fi
 %
-\def\texinfoversion{2004-11-25.16}
+\def\texinfoversion{2007-12-02.17}
 %
-% Copyright (C) 1985, 1986, 1988, 1990, 1991, 1992, 1993, 1994, 1995,
-% 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004 Free Software
-% Foundation, Inc.
+% Copyright (C) 1985, 1986, 1988, 1990, 1991, 1992, 1993, 1994, 1995, 2007,
+% 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006,
+% 2007 Free Software Foundation, Inc.
 %
-% This texinfo.tex file is free software; you can redistribute it and/or
+% This texinfo.tex file is free software: you can redistribute it and/or
 % modify it under the terms of the GNU General Public License as
-% published by the Free Software Foundation; either version 2, or (at
-% your option) any later version.
+% published by the Free Software Foundation, either version 3 of the
+% License, or (at your option) any later version.
 %
 % This texinfo.tex file is distributed in the hope that it will be
 % useful, but WITHOUT ANY WARRANTY; without even the implied warranty
@@ -20,9 +20,7 @@
 % General Public License for more details.
 %
 % You should have received a copy of the GNU General Public License
-% along with this texinfo.tex file; see the file COPYING.  If not, write
-% to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
-% Boston, MA 02111-1307, USA.
+% along with this program.  If not, see <http://www.gnu.org/licenses/>.
 %
 % As a special exception, when this file is read by TeX when processing
 % a Texinfo source document, you may use the result without
@@ -67,7 +65,7 @@
 \everyjob{\message{[Texinfo version \texinfoversion]}%
   \catcode`+=\active \catcode`\_=\active}
 
-\message{Basics,}
+
 \chardef\other=12
 
 % We never want plain's \outer definition of \+ in Texinfo.
 \ifx\putwordDefopt\undefined    \gdef\putwordDefopt{User Option}\fi
 \ifx\putwordDeffunc\undefined   \gdef\putwordDeffunc{Function}\fi
 
-% In some macros, we cannot use the `\? notation---the left quote is
-% in some cases the escape char.
+% Since the category of space is not known, we have to be careful.
+\chardef\spacecat = 10
+\def\spaceisspace{\catcode`\ =\spacecat}
+
+% sometimes characters are active, so we need control sequences.
 \chardef\colonChar = `\:
 \chardef\commaChar = `\,
+\chardef\dashChar  = `\-
 \chardef\dotChar   = `\.
 \chardef\exclamChar= `\!
+\chardef\lquoteChar= `\`
 \chardef\questChar = `\?
+\chardef\rquoteChar= `\'
 \chardef\semiChar  = `\;
 \chardef\underChar = `\_
 
-\chardef\spaceChar = `\ %
-\chardef\spacecat = 10
-\def\spaceisspace{\catcode\spaceChar=\spacecat}
-
 % Ignore a token.
 %
 \def\gobble#1{}
 \newdimen\cornerthick \cornerthick=.3pt
 \newdimen\topandbottommargin \topandbottommargin=.75in
 
+% Output a mark which sets \thischapter, \thissection and \thiscolor.
+% We dump everything together because we only have one kind of mark.
+% This works because we only use \botmark / \topmark, not \firstmark.
+%
+% A mark contains a subexpression of the \ifcase ... \fi construct.
+% \get*marks macros below extract the needed part using \ifcase.
+%
+% Another complication is to let the user choose whether \thischapter
+% (\thissection) refers to the chapter (section) in effect at the top
+% of a page, or that at the bottom of a page.  The solution is
+% described on page 260 of The TeXbook.  It involves outputting two
+% marks for the sectioning macros, one before the section break, and
+% one after.  I won't pretend I can describe this better than DEK...
+\def\domark{%
+  \toks0=\expandafter{\lastchapterdefs}%
+  \toks2=\expandafter{\lastsectiondefs}%
+  \toks4=\expandafter{\prevchapterdefs}%
+  \toks6=\expandafter{\prevsectiondefs}%
+  \toks8=\expandafter{\lastcolordefs}%
+  \mark{%
+                   \the\toks0 \the\toks2
+      \noexpand\or \the\toks4 \the\toks6
+    \noexpand\else \the\toks8
+  }%
+}
+% \topmark doesn't work for the very first chapter (after the title
+% page or the contents), so we use \firstmark there -- this gets us
+% the mark with the chapter defs, unless the user sneaks in, e.g.,
+% @setcolor (or @url, or @link, etc.) between @contents and the very
+% first @chapter.
+\def\gettopheadingmarks{%
+  \ifcase0\topmark\fi
+  \ifx\thischapter\empty \ifcase0\firstmark\fi \fi
+}
+\def\getbottomheadingmarks{\ifcase1\botmark\fi}
+\def\getcolormarks{\ifcase2\topmark\fi}
+
+% Avoid "undefined control sequence" errors.
+\def\lastchapterdefs{}
+\def\lastsectiondefs{}
+\def\prevchapterdefs{}
+\def\prevsectiondefs{}
+\def\lastcolordefs{}
+
 % Main output routine.
 \chardef\PAGE = 255
 \output = {\onepageout{\pagecontents\PAGE}}
   %
   % Do this outside of the \shipout so @code etc. will be expanded in
   % the headline as they should be, not taken literally (outputting ''code).
+  \ifodd\pageno \getoddheadingmarks \else \getevenheadingmarks \fi
   \setbox\headlinebox = \vbox{\let\hsize=\pagewidth \makeheadline}%
+  \ifodd\pageno \getoddfootingmarks \else \getevenfootingmarks \fi
   \setbox\footlinebox = \vbox{\let\hsize=\pagewidth \makefootline}%
   %
   {%
     % take effect in \write's, yet the group defined by the \vbox ends
     % before the \shipout runs.
     %
-    \escapechar = `\\     % use backslash in output files.
     \indexdummies         % don't expand commands in the output.
     \normalturnoffactive  % \ in index entries must not stay \, e.g., if
-                   % the page break happens to be in the middle of an example.
+               % the page break happens to be in the middle of an example.
+               % We don't want .vr (or whatever) entries like this:
+               % \entry{{\tt \indexbackslash }acronym}{32}{\code {\acronym}}
+               % "\acronym" won't work when it's read back in;
+               % it needs to be 
+               % {\code {{\tt \backslashcurfont }acronym}
     \shipout\vbox{%
       % Do this early so pdf references go to the beginning of the page.
       \ifpdfmakepagedest \pdfdest name{\the\pageno} xyz\fi
       \pagebody{#1}%
       \ifdim\ht\footlinebox > 0pt
         % Only leave this space if the footline is nonempty.
-        % (We lessened \vsize for it in \oddfootingxxx.)
+        % (We lessened \vsize for it in \oddfootingyyy.)
         % The \baselineskip=24pt in plain's \makefootline has no effect.
-        \vskip 2\baselineskip
+        \vskip 24pt
         \unvbox\footlinebox
       \fi
       %
       \egroup % \vbox from first cropmarks clause
       \fi
     }% end of \shipout\vbox
-  }% end of group with \normalturnoffactive
+  }% end of group with \indexdummies
   \advancepageno
   \ifnum\outputpenalty>-20000 \else\dosupereject\fi
 }
 % marginal hacks, juha@viisa.uucp (Juha Takala)
 \ifvoid\margin\else % marginal info is present
   \rlap{\kern\hsize\vbox to\z@{\kern1pt\box\margin \vss}}\fi
-\dimen@=\dp#1 \unvbox#1
+\dimen@=\dp#1\relax \unvbox#1\relax
 \ifvoid\footins\else\vskip\skip\footins\footnoterule \unvbox\footins\fi
 \ifr@ggedbottom \kern-\dimen@ \vfil \fi}
 }
 %
 \def\parsearg{\parseargusing{}}
 \def\parseargusing#1#2{%
-  \def\next{#2}%
+  \def\argtorun{#2}%
   \begingroup
     \obeylines
     \spaceisspace
 \def\argcheckspacesY#1\^^M#2\^^M#3\ArgTerm{%
   \def\temp{#3}%
   \ifx\temp\empty
-    % We cannot use \next here, as it holds the macro to run;
-    % thus we reuse \temp.
+    % Do not use \next, perhaps the caller of \parsearg uses it; reuse \temp:
     \let\temp\finishparsearg
   \else
     \let\temp\argcheckspaces
 % If a _delimited_ argument is enclosed in braces, they get stripped; so
 % to get _exactly_ the rest of the line, we had to prevent such situation.
 % We prepended an \empty token at the very beginning and we expand it now,
-% just before passing the control to \next.
+% just before passing the control to \argtorun.
 % (Similarily, we have to think about #3 of \argcheckspacesY above: it is
 % either the null string, or it ends with \^^M---thus there is no danger
 % that a pair of braces would be stripped.
 %
 % But first, we have to remove the trailing space token.
 %
-\def\finishparsearg#1 \ArgTerm{\expandafter\next\expandafter{#1}}
+\def\finishparsearg#1 \ArgTerm{\expandafter\argtorun\expandafter{#1}}
 
 % \parseargdef\foo{...}
 %      is roughly equivalent to
 \let\}=\myrbrace
 \begingroup
   % Definitions to produce \{ and \} commands for indices,
-  % and @{ and @} for the aux file.
+  % and @{ and @} for the aux/toc files.
   \catcode`\{ = \other \catcode`\} = \other
   \catcode`\[ = 1 \catcode`\] = 2
   \catcode`\! = 0 \catcode`\\ = \other
 \let\/=\allowbreak
 
 % @. is an end-of-sentence period.
-\def\.{.\spacefactor=3000 }
+\def\.{.\spacefactor=\endofsentencespacefactor\space}
 
 % @! is an end-of-sentence bang.
-\def\!{!\spacefactor=3000 }
+\def\!{!\spacefactor=\endofsentencespacefactor\space}
 
 % @? is an end-of-sentence query.
-\def\?{?\spacefactor=3000 }
+\def\?{?\spacefactor=\endofsentencespacefactor\space}
+
+% @frenchspacing on|off  says whether to put extra space after punctuation.
+% 
+\def\onword{on}
+\def\offword{off}
+%
+\parseargdef\frenchspacing{%
+  \def\temp{#1}%
+  \ifx\temp\onword \plainfrenchspacing
+  \else\ifx\temp\offword \plainnonfrenchspacing
+  \else
+    \errhelp = \EMsimple
+    \errmessage{Unknown @frenchspacing option `\temp', must be on/off}%
+  \fi\fi
+}
 
 % @w prevents a word break.  Without the \leavevmode, @w at the
 % beginning of a paragraph, when TeX is still in vertical mode, would
@@ -1031,9 +1095,9 @@ where each line of input produces a line of output.}
 % _ active, and distinguish by seeing if the current family is \slfam,
 % which is what @var uses.
 {
-  \catcode\underChar = \active
+  \catcode`\_ = \active
   \gdef\mathunderscore{%
-    \catcode\underChar=\active
+    \catcode`\_=\active
     \def_{\ifnum\fam=\slfam \_\else\sb\fi}%
   }
 }
@@ -1076,15 +1140,24 @@ where each line of input produces a line of output.}
 \def\minus{$-$}
 
 % @dots{} outputs an ellipsis using the current font.
-% We do .5em per period so that it has the same spacing in a typewriter
-% font as three actual period characters.
+% We do .5em per period so that it has the same spacing in the cm
+% typewriter fonts as three actual period characters; on the other hand,
+% in other typewriter fonts three periods are wider than 1.5em.  So do
+% whichever is larger.
 %
 \def\dots{%
   \leavevmode
-  \hbox to 1.5em{%
-    \hskip 0pt plus 0.25fil
-    .\hfil.\hfil.%
-    \hskip 0pt plus 0.5fil
+  \setbox0=\hbox{...}% get width of three periods
+  \ifdim\wd0 > 1.5em
+    \dimen0 = \wd0
+  \else
+    \dimen0 = 1.5em
+  \fi
+  \hbox to \dimen0{%
+    \hskip 0pt plus.25fil
+    .\hskip 0pt plus1fil
+    .\hskip 0pt plus1fil
+    .\hskip 0pt plus.5fil
   }%
 }
 
@@ -1092,7 +1165,7 @@ where each line of input produces a line of output.}
 %
 \def\enddots{%
   \dots
-  \spacefactor=3000
+  \spacefactor=\endofsentencespacefactor
 }
 
 % @comma{} is so commas can be inserted into text without messing up
@@ -1176,13 +1249,134 @@ where each line of input produces a line of output.}
     \fi
   \fi
 \fi
-%
+
+% PDF uses PostScript string constants for the names of xref targets,
+% for display in the outlines, and in other places.  Thus, we have to
+% double any backslashes.  Otherwise, a name like "\node" will be
+% interpreted as a newline (\n), followed by o, d, e.  Not good.
+% http://www.ntg.nl/pipermail/ntg-pdftex/2004-July/000654.html
+% (and related messages, the final outcome is that it is up to the TeX
+% user to double the backslashes and otherwise make the string valid, so
+% that's what we do).
+
+% double active backslashes.
+% 
+{\catcode`\@=0 \catcode`\\=\active
+ @gdef@activebackslashdouble{%
+   @catcode`@\=@active
+   @let\=@doublebackslash}
+}
+
+% To handle parens, we must adopt a different approach, since parens are
+% not active characters.  hyperref.dtx (which has the same problem as
+% us) handles it with this amazing macro to replace tokens, with minor
+% changes for Texinfo.  It is included here under the GPL by permission
+% from the author, Heiko Oberdiek.
+% 
+% #1 is the tokens to replace.
+% #2 is the replacement.
+% #3 is the control sequence with the string.
+% 
+\def\HyPsdSubst#1#2#3{%
+  \def\HyPsdReplace##1#1##2\END{%
+    ##1%
+    \ifx\\##2\\%
+    \else
+      #2%
+      \HyReturnAfterFi{%
+        \HyPsdReplace##2\END
+      }%
+    \fi
+  }%
+  \xdef#3{\expandafter\HyPsdReplace#3#1\END}%
+}
+\long\def\HyReturnAfterFi#1\fi{\fi#1}
+
+% #1 is a control sequence in which to do the replacements.
+\def\backslashparens#1{%
+  \xdef#1{#1}% redefine it as its expansion; the definition is simply
+             % \lastnode when called from \setref -> \pdfmkdest.
+  \HyPsdSubst{(}{\realbackslash(}{#1}%
+  \HyPsdSubst{)}{\realbackslash)}{#1}%
+}
+
+\newhelp\nopdfimagehelp{Texinfo supports .png, .jpg, .jpeg, and .pdf images
+with PDF output, and none of those formats could be found.  (.eps cannot
+be supported due to the design of the PDF format; use regular TeX (DVI
+output) for that.)}
+
 \ifpdf
-  \input pdfcolor
-  \pdfcatalog{/PageMode /UseOutlines}%
+  %
+  % Color manipulation macros based on pdfcolor.tex.
+  \def\cmykDarkRed{0.28 1 1 0.35}
+  \def\cmykBlack{0 0 0 1}
+  %
+  \def\pdfsetcolor#1{\pdfliteral{#1 k}}
+  % Set color, and create a mark which defines \thiscolor accordingly,
+  % so that \makeheadline knows which color to restore.
+  \def\setcolor#1{%
+    \xdef\lastcolordefs{\gdef\noexpand\thiscolor{#1}}%
+    \domark
+    \pdfsetcolor{#1}%
+  }
+  %
+  \def\maincolor{\cmykBlack}
+  \pdfsetcolor{\maincolor}
+  \edef\thiscolor{\maincolor}
+  \def\lastcolordefs{}
+  %
+  \def\makefootline{%
+    \baselineskip24pt
+    \line{\pdfsetcolor{\maincolor}\the\footline}%
+  }
+  %
+  \def\makeheadline{%
+    \vbox to 0pt{%
+      \vskip-22.5pt
+      \line{%
+        \vbox to8.5pt{}%
+        % Extract \thiscolor definition from the marks.
+        \getcolormarks
+        % Typeset the headline with \maincolor, then restore the color.
+        \pdfsetcolor{\maincolor}\the\headline\pdfsetcolor{\thiscolor}%
+      }%
+      \vss
+    }%
+    \nointerlineskip
+  }
+  %
+  %
+  \pdfcatalog{/PageMode /UseOutlines}
+  %
+  % #1 is image name, #2 width (might be empty/whitespace), #3 height (ditto).
   \def\dopdfimage#1#2#3{%
-    \def\imagewidth{#2}%
-    \def\imageheight{#3}%
+    \def\imagewidth{#2}\setbox0 = \hbox{\ignorespaces #2}%
+    \def\imageheight{#3}\setbox2 = \hbox{\ignorespaces #3}%
+    %
+    % pdftex (and the PDF format) support .png, .jpg, .pdf (among
+    % others).  Let's try in that order.
+    \let\pdfimgext=\empty
+    \begingroup
+      \openin 1 #1.png \ifeof 1
+        \openin 1 #1.jpg \ifeof 1
+          \openin 1 #1.jpeg \ifeof 1
+            \openin 1 #1.JPG \ifeof 1
+              \openin 1 #1.pdf \ifeof 1
+                \errhelp = \nopdfimagehelp
+                \errmessage{Could not find image file #1 for pdf}%
+              \else \gdef\pdfimgext{pdf}%
+              \fi
+            \else \gdef\pdfimgext{JPG}%
+            \fi
+          \else \gdef\pdfimgext{jpeg}%
+          \fi
+        \else \gdef\pdfimgext{jpg}%
+        \fi
+      \else \gdef\pdfimgext{png}%
+      \fi
+      \closein 1
+    \endgroup
+    %
     % without \immediate, pdftex seg faults when the same image is
     % included twice.  (Version 3.14159-pre-1.0-unofficial-20010704.)
     \ifnum\pdftexversion < 14
@@ -1190,26 +1384,38 @@ where each line of input produces a line of output.}
     \else
       \immediate\pdfximage
     \fi
-      \ifx\empty\imagewidth\else width \imagewidth \fi
-      \ifx\empty\imageheight\else height \imageheight \fi
+      \ifdim \wd0 >0pt width \imagewidth \fi
+      \ifdim \wd2 >0pt height \imageheight \fi
       \ifnum\pdftexversion<13
-         #1.pdf%
+         #1.\pdfimgext
        \else
-         {#1.pdf}%
+         {#1.\pdfimgext}%
        \fi
     \ifnum\pdftexversion < 14 \else
       \pdfrefximage \pdflastximage
     \fi}
+  %
   \def\pdfmkdest#1{{%
-    % We have to set dummies so commands such as @code in a section title
-    % aren't expanded.
-    \atdummies
-    \normalturnoffactive
-    \pdfdest name{#1} xyz%
+    % We have to set dummies so commands such as @code, and characters
+    % such as \, aren't expanded when present in a section title.
+    \indexnofonts
+    \turnoffactive
+    \activebackslashdouble
+    \makevalueexpandable
+    \def\pdfdestname{#1}%
+    \backslashparens\pdfdestname
+    \safewhatsit{\pdfdest name{\pdfdestname} xyz}%
   }}
+  %
+  % used to mark target names; must be expandable.
   \def\pdfmkpgn#1{#1}
-  \let\linkcolor = \Blue  % was Cyan, but that seems light?
-  \def\endlink{\Black\pdfendlink}
+  %
+  % by default, use a color that is dark enough to print on paper as
+  % nearly black, but still distinguishable for online viewing.
+  \def\urlcolor{\cmykDarkRed}
+  \def\linkcolor{\cmykDarkRed}
+  \def\endlink{\setcolor{\maincolor}\pdfendlink}
+  %
   % Adding outlines to PDF; macros for calculating structure of outlines
   % come from Petr Olsak
   \def\expnumber#1{\expandafter\ifx\csname#1\endcsname\relax 0%
@@ -1218,20 +1424,31 @@ where each line of input produces a line of output.}
     \advance\tempnum by 1
     \expandafter\xdef\csname#1\endcsname{\the\tempnum}}
   %
-  % #1 is the section text.  #2 is the pdf expression for the number
-  % of subentries (or empty, for subsubsections).  #3 is the node
-  % text, which might be empty if this toc entry had no
-  % corresponding node.  #4 is the page number.
+  % #1 is the section text, which is what will be displayed in the
+  % outline by the pdf viewer.  #2 is the pdf expression for the number
+  % of subentries (or empty, for subsubsections).  #3 is the node text,
+  % which might be empty if this toc entry had no corresponding node.
+  % #4 is the page number
   %
   \def\dopdfoutline#1#2#3#4{%
     % Generate a link to the node text if that exists; else, use the
     % page number.  We could generate a destination for the section
     % text in the case where a section has no node, but it doesn't
-    % seem worthwhile, since most documents are normally structured.
+    % seem worth the trouble, since most documents are normally structured.
     \def\pdfoutlinedest{#3}%
-    \ifx\pdfoutlinedest\empty \def\pdfoutlinedest{#4}\fi
+    \ifx\pdfoutlinedest\empty
+      \def\pdfoutlinedest{#4}%
+    \else
+      % Doubled backslashes in the name.
+      {\activebackslashdouble \xdef\pdfoutlinedest{#3}%
+       \backslashparens\pdfoutlinedest}%
+    \fi
     %
-    \pdfoutline goto name{\pdfmkpgn{\pdfoutlinedest}}#2{#1}%
+    % Also double the backslashes in the display string.
+    {\activebackslashdouble \xdef\pdfoutlinetext{#1}%
+     \backslashparens\pdfoutlinetext}%
+    %
+    \pdfoutline goto name{\pdfmkpgn{\pdfoutlinedest}}#2{\pdfoutlinetext}%
   }
   %
   \def\pdfmakeoutlines{%
@@ -1272,7 +1489,7 @@ where each line of input produces a line of output.}
       \def\unnsecentry{\numsecentry}%
       \def\unnsubsecentry{\numsubsecentry}%
       \def\unnsubsubsecentry{\numsubsubsecentry}%
-      \input \jobname.toc
+      \readdatafile{toc}%
       %
       % Read toc second time, this time actually producing the outlines.
       % The `-' means take the \expnumber as the absolute number of
@@ -1298,41 +1515,12 @@ where each line of input produces a line of output.}
       % their "best" equivalent, based on the @documentencoding.  Right
       % now, I guess we'll just let the pdf reader have its way.
       \indexnofonts
-      \turnoffactive
-      \input \jobname.toc
+      \setupdatafile
+      \catcode`\\=\active \otherbackslash
+      \input \tocreadfilename
     \endgroup
   }
   %
-  \def\makelinks #1,{%
-    \def\params{#1}\def\E{END}%
-    \ifx\params\E
-      \let\nextmakelinks=\relax
-    \else
-      \let\nextmakelinks=\makelinks
-      \ifnum\lnkcount>0,\fi
-      \picknum{#1}%
-      \startlink attr{/Border [0 0 0]}
-        goto name{\pdfmkpgn{\the\pgn}}%
-      \linkcolor #1%
-      \advance\lnkcount by 1%
-      \endlink
-    \fi
-    \nextmakelinks
-  }
-  \def\picknum#1{\expandafter\pn#1}
-  \def\pn#1{%
-    \def\p{#1}%
-    \ifx\p\lbrace
-      \let\nextpn=\ppn
-    \else
-      \let\nextpn=\ppnn
-      \def\first{#1}
-    \fi
-    \nextpn
-  }
-  \def\ppn#1{\pgn=#1\gobble}
-  \def\ppnn{\pgn=\first}
-  \def\pdfmklnk#1{\lnkcount=0\makelinks #1,END,}
   \def\skipspaces#1{\def\PP{#1}\def\D{|}%
     \ifx\PP\D\let\nextsp\relax
     \else\let\nextsp\skipspaces
@@ -1347,11 +1535,19 @@ where each line of input produces a line of output.}
   \else
     \let \startlink \pdfstartlink
   \fi
+  % make a live url in pdf output.
   \def\pdfurl#1{%
     \begingroup
-      \normalturnoffactive\def\@{@}%
+      % it seems we really need yet another set of dummies; have not
+      % tried to figure out what each command should do in the context
+      % of @url.  for now, just make @/ a no-op, that's the only one
+      % people have actually reported a problem with.
+      % 
+      \normalturnoffactive
+      \def\@{@}%
+      \let\/=\empty
       \makevalueexpandable
-      \leavevmode\Red
+      \leavevmode\setcolor{\urlcolor}%
       \startlink attr{/Border [0 0 0]}%
         user{/Subtype /Link /A << /S /URI /URI (#1) >>}%
     \endgroup}
@@ -1378,13 +1574,14 @@ where each line of input produces a line of output.}
     {\noexpand\pdflink{\the\toksC}}\toksC={}\global\countA=0}
   \def\pdflink#1{%
     \startlink attr{/Border [0 0 0]} goto name{\pdfmkpgn{#1}}
-    \linkcolor #1\endlink}
+    \setcolor{\linkcolor}#1\endlink}
   \def\done{\edef\st{\global\noexpand\toksA={\the\toksB}}\st}
 \else
   \let\pdfmkdest = \gobble
   \let\pdfurl = \gobble
   \let\endlink = \relax
-  \let\linkcolor = \relax
+  \let\setcolor = \gobble
+  \let\pdfsetcolor = \gobble
   \let\pdfmakeoutlines = \relax
 \fi  % \ifx\pdfoutput
 
@@ -1419,6 +1616,7 @@ where each line of input produces a line of output.}
 % We don't need math for this font style.
 \def\ttsl{\setfontstyle{ttsl}}
 
+
 % Default leading.
 \newdimen\textleading  \textleading = 13.2pt
 
@@ -1430,8 +1628,12 @@ where each line of input produces a line of output.}
 \def\strutheightpercent{.70833}
 \def\strutdepthpercent {.29167}
 %
+% can get a sort of poor man's double spacing by redefining this.
+\def\baselinefactor{1}
+%
 \def\setleading#1{%
-  \normalbaselineskip = #1\relax
+  \dimen0 = #1\relax
+  \normalbaselineskip = \baselinefactor\dimen0
   \normallineskip = \lineskipfactor\normalbaselineskip
   \normalbaselines
   \setbox\strutbox =\hbox{%
@@ -1440,10 +1642,279 @@ where each line of input produces a line of output.}
   }%
 }
 
+% PDF CMaps.  See also LaTeX's t1.cmap.
+%
+% do nothing with this by default.
+\expandafter\let\csname cmapOT1\endcsname\gobble
+\expandafter\let\csname cmapOT1IT\endcsname\gobble
+\expandafter\let\csname cmapOT1TT\endcsname\gobble
+
+% if we are producing pdf, and we have \pdffontattr, then define cmaps.
+% (\pdffontattr was introduced many years ago, but people still run
+% older pdftex's; it's easy to conditionalize, so we do.)
+\ifpdf \ifx\pdffontattr\undefined \else
+  \begingroup
+    \catcode`\^^M=\active \def^^M{^^J}% Output line endings as the ^^J char.
+    \catcode`\%=12 \immediate\pdfobj stream {%!PS-Adobe-3.0 Resource-CMap
+%%DocumentNeededResources: ProcSet (CIDInit)
+%%IncludeResource: ProcSet (CIDInit)
+%%BeginResource: CMap (TeX-OT1-0)
+%%Title: (TeX-OT1-0 TeX OT1 0)
+%%Version: 1.000
+%%EndComments
+/CIDInit /ProcSet findresource begin
+12 dict begin
+begincmap
+/CIDSystemInfo
+<< /Registry (TeX)
+/Ordering (OT1)
+/Supplement 0
+>> def
+/CMapName /TeX-OT1-0 def
+/CMapType 2 def
+1 begincodespacerange
+<00> <7F>
+endcodespacerange
+8 beginbfrange
+<00> <01> <0393>
+<09> <0A> <03A8>
+<23> <26> <0023>
+<28> <3B> <0028>
+<3F> <5B> <003F>
+<5D> <5E> <005D>
+<61> <7A> <0061>
+<7B> <7C> <2013>
+endbfrange
+40 beginbfchar
+<02> <0398>
+<03> <039B>
+<04> <039E>
+<05> <03A0>
+<06> <03A3>
+<07> <03D2>
+<08> <03A6>
+<0B> <00660066>
+<0C> <00660069>
+<0D> <0066006C>
+<0E> <006600660069>
+<0F> <00660066006C>
+<10> <0131>
+<11> <0237>
+<12> <0060>
+<13> <00B4>
+<14> <02C7>
+<15> <02D8>
+<16> <00AF>
+<17> <02DA>
+<18> <00B8>
+<19> <00DF>
+<1A> <00E6>
+<1B> <0153>
+<1C> <00F8>
+<1D> <00C6>
+<1E> <0152>
+<1F> <00D8>
+<21> <0021>
+<22> <201D>
+<27> <2019>
+<3C> <00A1>
+<3D> <003D>
+<3E> <00BF>
+<5C> <201C>
+<5F> <02D9>
+<60> <2018>
+<7D> <02DD>
+<7E> <007E>
+<7F> <00A8>
+endbfchar
+endcmap
+CMapName currentdict /CMap defineresource pop
+end
+end
+%%EndResource
+%%EOF
+    }\endgroup
+  \expandafter\edef\csname cmapOT1\endcsname#1{%
+    \pdffontattr#1{/ToUnicode \the\pdflastobj\space 0 R}%
+  }%
+%
+% \cmapOT1IT
+  \begingroup
+    \catcode`\^^M=\active \def^^M{^^J}% Output line endings as the ^^J char.
+    \catcode`\%=12 \immediate\pdfobj stream {%!PS-Adobe-3.0 Resource-CMap
+%%DocumentNeededResources: ProcSet (CIDInit)
+%%IncludeResource: ProcSet (CIDInit)
+%%BeginResource: CMap (TeX-OT1IT-0)
+%%Title: (TeX-OT1IT-0 TeX OT1IT 0)
+%%Version: 1.000
+%%EndComments
+/CIDInit /ProcSet findresource begin
+12 dict begin
+begincmap
+/CIDSystemInfo
+<< /Registry (TeX)
+/Ordering (OT1IT)
+/Supplement 0
+>> def
+/CMapName /TeX-OT1IT-0 def
+/CMapType 2 def
+1 begincodespacerange
+<00> <7F>
+endcodespacerange
+8 beginbfrange
+<00> <01> <0393>
+<09> <0A> <03A8>
+<25> <26> <0025>
+<28> <3B> <0028>
+<3F> <5B> <003F>
+<5D> <5E> <005D>
+<61> <7A> <0061>
+<7B> <7C> <2013>
+endbfrange
+42 beginbfchar
+<02> <0398>
+<03> <039B>
+<04> <039E>
+<05> <03A0>
+<06> <03A3>
+<07> <03D2>
+<08> <03A6>
+<0B> <00660066>
+<0C> <00660069>
+<0D> <0066006C>
+<0E> <006600660069>
+<0F> <00660066006C>
+<10> <0131>
+<11> <0237>
+<12> <0060>
+<13> <00B4>
+<14> <02C7>
+<15> <02D8>
+<16> <00AF>
+<17> <02DA>
+<18> <00B8>
+<19> <00DF>
+<1A> <00E6>
+<1B> <0153>
+<1C> <00F8>
+<1D> <00C6>
+<1E> <0152>
+<1F> <00D8>
+<21> <0021>
+<22> <201D>
+<23> <0023>
+<24> <00A3>
+<27> <2019>
+<3C> <00A1>
+<3D> <003D>
+<3E> <00BF>
+<5C> <201C>
+<5F> <02D9>
+<60> <2018>
+<7D> <02DD>
+<7E> <007E>
+<7F> <00A8>
+endbfchar
+endcmap
+CMapName currentdict /CMap defineresource pop
+end
+end
+%%EndResource
+%%EOF
+    }\endgroup
+  \expandafter\edef\csname cmapOT1IT\endcsname#1{%
+    \pdffontattr#1{/ToUnicode \the\pdflastobj\space 0 R}%
+  }%
+%
+% \cmapOT1TT
+  \begingroup
+    \catcode`\^^M=\active \def^^M{^^J}% Output line endings as the ^^J char.
+    \catcode`\%=12 \immediate\pdfobj stream {%!PS-Adobe-3.0 Resource-CMap
+%%DocumentNeededResources: ProcSet (CIDInit)
+%%IncludeResource: ProcSet (CIDInit)
+%%BeginResource: CMap (TeX-OT1TT-0)
+%%Title: (TeX-OT1TT-0 TeX OT1TT 0)
+%%Version: 1.000
+%%EndComments
+/CIDInit /ProcSet findresource begin
+12 dict begin
+begincmap
+/CIDSystemInfo
+<< /Registry (TeX)
+/Ordering (OT1TT)
+/Supplement 0
+>> def
+/CMapName /TeX-OT1TT-0 def
+/CMapType 2 def
+1 begincodespacerange
+<00> <7F>
+endcodespacerange
+5 beginbfrange
+<00> <01> <0393>
+<09> <0A> <03A8>
+<21> <26> <0021>
+<28> <5F> <0028>
+<61> <7E> <0061>
+endbfrange
+32 beginbfchar
+<02> <0398>
+<03> <039B>
+<04> <039E>
+<05> <03A0>
+<06> <03A3>
+<07> <03D2>
+<08> <03A6>
+<0B> <2191>
+<0C> <2193>
+<0D> <0027>
+<0E> <00A1>
+<0F> <00BF>
+<10> <0131>
+<11> <0237>
+<12> <0060>
+<13> <00B4>
+<14> <02C7>
+<15> <02D8>
+<16> <00AF>
+<17> <02DA>
+<18> <00B8>
+<19> <00DF>
+<1A> <00E6>
+<1B> <0153>
+<1C> <00F8>
+<1D> <00C6>
+<1E> <0152>
+<1F> <00D8>
+<20> <2423>
+<27> <2019>
+<60> <2018>
+<7F> <00A8>
+endbfchar
+endcmap
+CMapName currentdict /CMap defineresource pop
+end
+end
+%%EndResource
+%%EOF
+    }\endgroup
+  \expandafter\edef\csname cmapOT1TT\endcsname#1{%
+    \pdffontattr#1{/ToUnicode \the\pdflastobj\space 0 R}%
+  }%
+\fi\fi
+
+
 % Set the font macro #1 to the font named #2, adding on the
 % specified font prefix (normally `cm').
-% #3 is the font's design size, #4 is a scale factor
-\def\setfont#1#2#3#4{\font#1=\fontprefix#2#3 scaled #4}
+% #3 is the font's design size, #4 is a scale factor, #5 is the CMap
+% encoding (currently only OT1, OT1IT and OT1TT are allowed, pass
+% empty to omit).
+\def\setfont#1#2#3#4#5{%
+  \font#1=\fontprefix#2#3 scaled #4
+  \csname cmap#5\endcsname#1%
+}
+% This is what gets called when #5 of \setfont is empty.
+\let\cmap\gobble
+% emacs-page end of cmaps
 
 % Use cm as the default font prefix.
 % To specify the font prefix, you must define \fontprefix
@@ -1468,118 +1939,297 @@ where each line of input produces a line of output.}
 \def\scshape{csc}
 \def\scbshape{csc}
 
+% Definitions for a main text size of 11pt.  This is the default in
+% Texinfo.
+% 
+\def\definetextfontsizexi{%
 % Text fonts (11.2pt, magstep1).
 \def\textnominalsize{11pt}
 \edef\mainmagstep{\magstephalf}
-\setfont\textrm\rmshape{10}{\mainmagstep}
-\setfont\texttt\ttshape{10}{\mainmagstep}
-\setfont\textbf\bfshape{10}{\mainmagstep}
-\setfont\textit\itshape{10}{\mainmagstep}
-\setfont\textsl\slshape{10}{\mainmagstep}
-\setfont\textsf\sfshape{10}{\mainmagstep}
-\setfont\textsc\scshape{10}{\mainmagstep}
-\setfont\textttsl\ttslshape{10}{\mainmagstep}
+\setfont\textrm\rmshape{10}{\mainmagstep}{OT1}
+\setfont\texttt\ttshape{10}{\mainmagstep}{OT1TT}
+\setfont\textbf\bfshape{10}{\mainmagstep}{OT1}
+\setfont\textit\itshape{10}{\mainmagstep}{OT1IT}
+\setfont\textsl\slshape{10}{\mainmagstep}{OT1}
+\setfont\textsf\sfshape{10}{\mainmagstep}{OT1}
+\setfont\textsc\scshape{10}{\mainmagstep}{OT1}
+\setfont\textttsl\ttslshape{10}{\mainmagstep}{OT1TT}
 \font\texti=cmmi10 scaled \mainmagstep
 \font\textsy=cmsy10 scaled \mainmagstep
+\def\textecsize{1095}
 
 % A few fonts for @defun names and args.
-\setfont\defbf\bfshape{10}{\magstep1}
-\setfont\deftt\ttshape{10}{\magstep1}
-\setfont\defttsl\ttslshape{10}{\magstep1}
+\setfont\defbf\bfshape{10}{\magstep1}{OT1}
+\setfont\deftt\ttshape{10}{\magstep1}{OT1TT}
+\setfont\defttsl\ttslshape{10}{\magstep1}{OT1TT}
 \def\df{\let\tentt=\deftt \let\tenbf = \defbf \let\tenttsl=\defttsl \bf}
 
 % Fonts for indices, footnotes, small examples (9pt).
 \def\smallnominalsize{9pt}
-\setfont\smallrm\rmshape{9}{1000}
-\setfont\smalltt\ttshape{9}{1000}
-\setfont\smallbf\bfshape{10}{900}
-\setfont\smallit\itshape{9}{1000}
-\setfont\smallsl\slshape{9}{1000}
-\setfont\smallsf\sfshape{9}{1000}
-\setfont\smallsc\scshape{10}{900}
-\setfont\smallttsl\ttslshape{10}{900}
+\setfont\smallrm\rmshape{9}{1000}{OT1}
+\setfont\smalltt\ttshape{9}{1000}{OT1TT}
+\setfont\smallbf\bfshape{10}{900}{OT1}
+\setfont\smallit\itshape{9}{1000}{OT1IT}
+\setfont\smallsl\slshape{9}{1000}{OT1}
+\setfont\smallsf\sfshape{9}{1000}{OT1}
+\setfont\smallsc\scshape{10}{900}{OT1}
+\setfont\smallttsl\ttslshape{10}{900}{OT1TT}
 \font\smalli=cmmi9
 \font\smallsy=cmsy9
+\def\smallecsize{0900}
 
 % Fonts for small examples (8pt).
 \def\smallernominalsize{8pt}
-\setfont\smallerrm\rmshape{8}{1000}
-\setfont\smallertt\ttshape{8}{1000}
-\setfont\smallerbf\bfshape{10}{800}
-\setfont\smallerit\itshape{8}{1000}
-\setfont\smallersl\slshape{8}{1000}
-\setfont\smallersf\sfshape{8}{1000}
-\setfont\smallersc\scshape{10}{800}
-\setfont\smallerttsl\ttslshape{10}{800}
+\setfont\smallerrm\rmshape{8}{1000}{OT1}
+\setfont\smallertt\ttshape{8}{1000}{OT1TT}
+\setfont\smallerbf\bfshape{10}{800}{OT1}
+\setfont\smallerit\itshape{8}{1000}{OT1IT}
+\setfont\smallersl\slshape{8}{1000}{OT1}
+\setfont\smallersf\sfshape{8}{1000}{OT1}
+\setfont\smallersc\scshape{10}{800}{OT1}
+\setfont\smallerttsl\ttslshape{10}{800}{OT1TT}
 \font\smalleri=cmmi8
 \font\smallersy=cmsy8
+\def\smallerecsize{0800}
 
 % Fonts for title page (20.4pt):
 \def\titlenominalsize{20pt}
-\setfont\titlerm\rmbshape{12}{\magstep3}
-\setfont\titleit\itbshape{10}{\magstep4}
-\setfont\titlesl\slbshape{10}{\magstep4}
-\setfont\titlett\ttbshape{12}{\magstep3}
-\setfont\titlettsl\ttslshape{10}{\magstep4}
-\setfont\titlesf\sfbshape{17}{\magstep1}
+\setfont\titlerm\rmbshape{12}{\magstep3}{OT1}
+\setfont\titleit\itbshape{10}{\magstep4}{OT1IT}
+\setfont\titlesl\slbshape{10}{\magstep4}{OT1}
+\setfont\titlett\ttbshape{12}{\magstep3}{OT1TT}
+\setfont\titlettsl\ttslshape{10}{\magstep4}{OT1TT}
+\setfont\titlesf\sfbshape{17}{\magstep1}{OT1}
 \let\titlebf=\titlerm
-\setfont\titlesc\scbshape{10}{\magstep4}
+\setfont\titlesc\scbshape{10}{\magstep4}{OT1}
 \font\titlei=cmmi12 scaled \magstep3
 \font\titlesy=cmsy10 scaled \magstep4
 \def\authorrm{\secrm}
 \def\authortt{\sectt}
+\def\titleecsize{2074}
 
 % Chapter (and unnumbered) fonts (17.28pt).
 \def\chapnominalsize{17pt}
-\setfont\chaprm\rmbshape{12}{\magstep2}
-\setfont\chapit\itbshape{10}{\magstep3}
-\setfont\chapsl\slbshape{10}{\magstep3}
-\setfont\chaptt\ttbshape{12}{\magstep2}
-\setfont\chapttsl\ttslshape{10}{\magstep3}
-\setfont\chapsf\sfbshape{17}{1000}
+\setfont\chaprm\rmbshape{12}{\magstep2}{OT1}
+\setfont\chapit\itbshape{10}{\magstep3}{OT1IT}
+\setfont\chapsl\slbshape{10}{\magstep3}{OT1}
+\setfont\chaptt\ttbshape{12}{\magstep2}{OT1TT}
+\setfont\chapttsl\ttslshape{10}{\magstep3}{OT1TT}
+\setfont\chapsf\sfbshape{17}{1000}{OT1}
 \let\chapbf=\chaprm
-\setfont\chapsc\scbshape{10}{\magstep3}
+\setfont\chapsc\scbshape{10}{\magstep3}{OT1}
 \font\chapi=cmmi12 scaled \magstep2
 \font\chapsy=cmsy10 scaled \magstep3
+\def\chapecsize{1728}
 
 % Section fonts (14.4pt).
 \def\secnominalsize{14pt}
-\setfont\secrm\rmbshape{12}{\magstep1}
-\setfont\secit\itbshape{10}{\magstep2}
-\setfont\secsl\slbshape{10}{\magstep2}
-\setfont\sectt\ttbshape{12}{\magstep1}
-\setfont\secttsl\ttslshape{10}{\magstep2}
-\setfont\secsf\sfbshape{12}{\magstep1}
+\setfont\secrm\rmbshape{12}{\magstep1}{OT1}
+\setfont\secit\itbshape{10}{\magstep2}{OT1IT}
+\setfont\secsl\slbshape{10}{\magstep2}{OT1}
+\setfont\sectt\ttbshape{12}{\magstep1}{OT1TT}
+\setfont\secttsl\ttslshape{10}{\magstep2}{OT1TT}
+\setfont\secsf\sfbshape{12}{\magstep1}{OT1}
 \let\secbf\secrm
-\setfont\secsc\scbshape{10}{\magstep2}
+\setfont\secsc\scbshape{10}{\magstep2}{OT1}
 \font\seci=cmmi12 scaled \magstep1
 \font\secsy=cmsy10 scaled \magstep2
+\def\sececsize{1440}
 
 % Subsection fonts (13.15pt).
 \def\ssecnominalsize{13pt}
-\setfont\ssecrm\rmbshape{12}{\magstephalf}
-\setfont\ssecit\itbshape{10}{1315}
-\setfont\ssecsl\slbshape{10}{1315}
-\setfont\ssectt\ttbshape{12}{\magstephalf}
-\setfont\ssecttsl\ttslshape{10}{1315}
-\setfont\ssecsf\sfbshape{12}{\magstephalf}
+\setfont\ssecrm\rmbshape{12}{\magstephalf}{OT1}
+\setfont\ssecit\itbshape{10}{1315}{OT1IT}
+\setfont\ssecsl\slbshape{10}{1315}{OT1}
+\setfont\ssectt\ttbshape{12}{\magstephalf}{OT1TT}
+\setfont\ssecttsl\ttslshape{10}{1315}{OT1TT}
+\setfont\ssecsf\sfbshape{12}{\magstephalf}{OT1}
 \let\ssecbf\ssecrm
-\setfont\ssecsc\scbshape{10}{1315}
+\setfont\ssecsc\scbshape{10}{1315}{OT1}
 \font\sseci=cmmi12 scaled \magstephalf
 \font\ssecsy=cmsy10 scaled 1315
+\def\ssececsize{1200}
 
 % Reduced fonts for @acro in text (10pt).
 \def\reducednominalsize{10pt}
-\setfont\reducedrm\rmshape{10}{1000}
-\setfont\reducedtt\ttshape{10}{1000}
-\setfont\reducedbf\bfshape{10}{1000}
-\setfont\reducedit\itshape{10}{1000}
-\setfont\reducedsl\slshape{10}{1000}
-\setfont\reducedsf\sfshape{10}{1000}
-\setfont\reducedsc\scshape{10}{1000}
-\setfont\reducedttsl\ttslshape{10}{1000}
+\setfont\reducedrm\rmshape{10}{1000}{OT1}
+\setfont\reducedtt\ttshape{10}{1000}{OT1TT}
+\setfont\reducedbf\bfshape{10}{1000}{OT1}
+\setfont\reducedit\itshape{10}{1000}{OT1IT}
+\setfont\reducedsl\slshape{10}{1000}{OT1}
+\setfont\reducedsf\sfshape{10}{1000}{OT1}
+\setfont\reducedsc\scshape{10}{1000}{OT1}
+\setfont\reducedttsl\ttslshape{10}{1000}{OT1TT}
 \font\reducedi=cmmi10
 \font\reducedsy=cmsy10
+\def\reducedecsize{1000}
+
+% reset the current fonts
+\textfonts
+\rm
+} % end of 11pt text font size definitions
+
+
+% Definitions to make the main text be 10pt Computer Modern, with
+% section, chapter, etc., sizes following suit.  This is for the GNU
+% Press printing of the Emacs 22 manual.  Maybe other manuals in the
+% future.  Used with @smallbook, which sets the leading to 12pt.
+% 
+\def\definetextfontsizex{%
+% Text fonts (10pt).
+\def\textnominalsize{10pt}
+\edef\mainmagstep{1000}
+\setfont\textrm\rmshape{10}{\mainmagstep}{OT1}
+\setfont\texttt\ttshape{10}{\mainmagstep}{OT1TT}
+\setfont\textbf\bfshape{10}{\mainmagstep}{OT1}
+\setfont\textit\itshape{10}{\mainmagstep}{OT1IT}
+\setfont\textsl\slshape{10}{\mainmagstep}{OT1}
+\setfont\textsf\sfshape{10}{\mainmagstep}{OT1}
+\setfont\textsc\scshape{10}{\mainmagstep}{OT1}
+\setfont\textttsl\ttslshape{10}{\mainmagstep}{OT1TT}
+\font\texti=cmmi10 scaled \mainmagstep
+\font\textsy=cmsy10 scaled \mainmagstep
+\def\textecsize{1000}
+
+% A few fonts for @defun names and args.
+\setfont\defbf\bfshape{10}{\magstephalf}{OT1}
+\setfont\deftt\ttshape{10}{\magstephalf}{OT1TT}
+\setfont\defttsl\ttslshape{10}{\magstephalf}{OT1TT}
+\def\df{\let\tentt=\deftt \let\tenbf = \defbf \let\tenttsl=\defttsl \bf}
+
+% Fonts for indices, footnotes, small examples (9pt).
+\def\smallnominalsize{9pt}
+\setfont\smallrm\rmshape{9}{1000}{OT1}
+\setfont\smalltt\ttshape{9}{1000}{OT1TT}
+\setfont\smallbf\bfshape{10}{900}{OT1}
+\setfont\smallit\itshape{9}{1000}{OT1IT}
+\setfont\smallsl\slshape{9}{1000}{OT1}
+\setfont\smallsf\sfshape{9}{1000}{OT1}
+\setfont\smallsc\scshape{10}{900}{OT1}
+\setfont\smallttsl\ttslshape{10}{900}{OT1TT}
+\font\smalli=cmmi9
+\font\smallsy=cmsy9
+\def\smallecsize{0900}
+
+% Fonts for small examples (8pt).
+\def\smallernominalsize{8pt}
+\setfont\smallerrm\rmshape{8}{1000}{OT1}
+\setfont\smallertt\ttshape{8}{1000}{OT1TT}
+\setfont\smallerbf\bfshape{10}{800}{OT1}
+\setfont\smallerit\itshape{8}{1000}{OT1IT}
+\setfont\smallersl\slshape{8}{1000}{OT1}
+\setfont\smallersf\sfshape{8}{1000}{OT1}
+\setfont\smallersc\scshape{10}{800}{OT1}
+\setfont\smallerttsl\ttslshape{10}{800}{OT1TT}
+\font\smalleri=cmmi8
+\font\smallersy=cmsy8
+\def\smallerecsize{0800}
+
+% Fonts for title page (20.4pt):
+\def\titlenominalsize{20pt}
+\setfont\titlerm\rmbshape{12}{\magstep3}{OT1}
+\setfont\titleit\itbshape{10}{\magstep4}{OT1IT}
+\setfont\titlesl\slbshape{10}{\magstep4}{OT1}
+\setfont\titlett\ttbshape{12}{\magstep3}{OT1TT}
+\setfont\titlettsl\ttslshape{10}{\magstep4}{OT1TT}
+\setfont\titlesf\sfbshape{17}{\magstep1}{OT1}
+\let\titlebf=\titlerm
+\setfont\titlesc\scbshape{10}{\magstep4}{OT1}
+\font\titlei=cmmi12 scaled \magstep3
+\font\titlesy=cmsy10 scaled \magstep4
+\def\authorrm{\secrm}
+\def\authortt{\sectt}
+\def\titleecsize{2074}
+
+% Chapter fonts (14.4pt).
+\def\chapnominalsize{14pt}
+\setfont\chaprm\rmbshape{12}{\magstep1}{OT1}
+\setfont\chapit\itbshape{10}{\magstep2}{OT1IT}
+\setfont\chapsl\slbshape{10}{\magstep2}{OT1}
+\setfont\chaptt\ttbshape{12}{\magstep1}{OT1TT}
+\setfont\chapttsl\ttslshape{10}{\magstep2}{OT1TT}
+\setfont\chapsf\sfbshape{12}{\magstep1}{OT1}
+\let\chapbf\chaprm
+\setfont\chapsc\scbshape{10}{\magstep2}{OT1}
+\font\chapi=cmmi12 scaled \magstep1
+\font\chapsy=cmsy10 scaled \magstep2
+\def\chapecsize{1440}
+
+% Section fonts (12pt).
+\def\secnominalsize{12pt}
+\setfont\secrm\rmbshape{12}{1000}{OT1}
+\setfont\secit\itbshape{10}{\magstep1}{OT1IT}
+\setfont\secsl\slbshape{10}{\magstep1}{OT1}
+\setfont\sectt\ttbshape{12}{1000}{OT1TT}
+\setfont\secttsl\ttslshape{10}{\magstep1}{OT1TT}
+\setfont\secsf\sfbshape{12}{1000}{OT1}
+\let\secbf\secrm
+\setfont\secsc\scbshape{10}{\magstep1}{OT1}
+\font\seci=cmmi12 
+\font\secsy=cmsy10 scaled \magstep1
+\def\sececsize{1200}
+
+% Subsection fonts (10pt).
+\def\ssecnominalsize{10pt}
+\setfont\ssecrm\rmbshape{10}{1000}{OT1}
+\setfont\ssecit\itbshape{10}{1000}{OT1IT}
+\setfont\ssecsl\slbshape{10}{1000}{OT1}
+\setfont\ssectt\ttbshape{10}{1000}{OT1TT}
+\setfont\ssecttsl\ttslshape{10}{1000}{OT1TT}
+\setfont\ssecsf\sfbshape{10}{1000}{OT1}
+\let\ssecbf\ssecrm
+\setfont\ssecsc\scbshape{10}{1000}{OT1}
+\font\sseci=cmmi10
+\font\ssecsy=cmsy10
+\def\ssececsize{1000}
+
+% Reduced fonts for @acro in text (9pt).
+\def\reducednominalsize{9pt}
+\setfont\reducedrm\rmshape{9}{1000}{OT1}
+\setfont\reducedtt\ttshape{9}{1000}{OT1TT}
+\setfont\reducedbf\bfshape{10}{900}{OT1}
+\setfont\reducedit\itshape{9}{1000}{OT1IT}
+\setfont\reducedsl\slshape{9}{1000}{OT1}
+\setfont\reducedsf\sfshape{9}{1000}{OT1}
+\setfont\reducedsc\scshape{10}{900}{OT1}
+\setfont\reducedttsl\ttslshape{10}{900}{OT1TT}
+\font\reducedi=cmmi9
+\font\reducedsy=cmsy9
+\def\reducedecsize{0900}
+
+% reduce space between paragraphs
+\divide\parskip by 2
+
+% reset the current fonts
+\textfonts
+\rm
+} % end of 10pt text font size definitions
+
+
+% We provide the user-level command
+%   @fonttextsize 10
+% (or 11) to redefine the text font size.  pt is assumed.
+% 
+\def\xword{10}
+\def\xiword{11}
+%
+\parseargdef\fonttextsize{%
+  \def\textsizearg{#1}%
+  \wlog{doing @fonttextsize \textsizearg}%
+  %
+  % Set \globaldefs so that documents can use this inside @tex, since
+  % makeinfo 4.8 does not support it, but we need it nonetheless.
+  % 
+ \begingroup \globaldefs=1
+  \ifx\textsizearg\xword \definetextfontsizex
+  \else \ifx\textsizearg\xiword \definetextfontsizexi
+  \else
+    \errhelp=\EMsimple
+    \errmessage{@fonttextsize only supports `10' or `11', not `\textsizearg'}
+  \fi\fi
+ \endgroup
+}
+
 
 % In order for the font changes to affect most math symbols and letters,
 % we have to define the \textfont of the standard families.  Since
@@ -1691,7 +2341,7 @@ where each line of input produces a line of output.}
 
 % Set up the default fonts, so we can use them for creating boxes.
 %
-\textfonts \rm
+\definetextfontsizexi
 
 % Define these so they can be easily changed for other fonts.
 \def\angleleft{$\langle$}
@@ -1701,10 +2351,10 @@ where each line of input produces a line of output.}
 \newcount\fontdepth \fontdepth=0
 
 % Fonts for short table of contents.
-\setfont\shortcontrm\rmshape{12}{1000}
-\setfont\shortcontbf\bfshape{10}{\magstep1}  % no cmb12
-\setfont\shortcontsl\slshape{12}{1000}
-\setfont\shortconttt\ttshape{12}{1000}
+\setfont\shortcontrm\rmshape{12}{1000}{OT1}
+\setfont\shortcontbf\bfshape{10}{\magstep1}{OT1}  % no cmb12
+\setfont\shortcontsl\slshape{12}{1000}{OT1}
+\setfont\shortconttt\ttshape{12}{1000}{OT1TT}
 
 %% Add scribe-like font environments, plus @l for inline lisp (usually sans
 %% serif) and @ii for TeX italic
@@ -1749,18 +2399,25 @@ where each line of input produces a line of output.}
 % sometimes \x has an active definition that messes things up.
 %
 \catcode`@=11
-  \def\frenchspacing{%
+  \def\plainfrenchspacing{%
     \sfcode\dotChar  =\@m \sfcode\questChar=\@m \sfcode\exclamChar=\@m
     \sfcode\colonChar=\@m \sfcode\semiChar =\@m \sfcode\commaChar =\@m
+    \def\endofsentencespacefactor{1000}% for @. and friends
+  }
+  \def\plainnonfrenchspacing{%
+    \sfcode`\.3000\sfcode`\?3000\sfcode`\!3000
+    \sfcode`\:2000\sfcode`\;1500\sfcode`\,1250
+    \def\endofsentencespacefactor{3000}% for @. and friends
   }
 \catcode`@=\other
+\def\endofsentencespacefactor{3000}% default
 
 \def\t#1{%
-  {\tt \rawbackslash \frenchspacing #1}%
+  {\tt \rawbackslash \plainfrenchspacing #1}%
   \null
 }
 \def\samp#1{`\tclose{#1}'\null}
-\setfont\keyrm\rmshape{8}{1000}
+\setfont\keyrm\rmshape{8}{1000}{OT1}
 \font\keysy=cmsy9
 \def\key#1{{\keyrm\textfont2=\keysy \leavevmode\hbox{%
   \raise0.4pt\hbox{\angleleft}\kern-.08em\vtop{%
@@ -1768,6 +2425,7 @@ where each line of input produces a line of output.}
      \hbox{\raise0.4pt\hbox{\vphantom{\angleleft}}#1}}%
     \kern-0.4pt\hrule}%
   \kern-.06em\raise0.4pt\hbox{\angleright}}}}
+\def\key #1{{\nohyphenation \uppercase{#1}}\null}
 % The old definition, with no lozenge:
 %\def\key #1{{\ttsl \nohyphenation \uppercase{#1}}\null}
 \def\ctrl #1{{\tt \rawbackslash \hat}#1}
@@ -1793,7 +2451,7 @@ where each line of input produces a line of output.}
     \nohyphenation
     %
     \rawbackslash
-    \frenchspacing
+    \plainfrenchspacing
     #1%
   }%
   \null
@@ -1809,12 +2467,21 @@ where each line of input produces a line of output.}
 % and arrange explicitly to hyphenate at a dash.
 %  -- rms.
 {
-  \catcode`\-=\active
-  \catcode`\_=\active
+  \catcode`\-=\active \catcode`\_=\active
+  \catcode`\'=\active \catcode`\`=\active
   %
   \global\def\code{\begingroup
-    \catcode`\-=\active \let-\codedash
-    \catcode`\_=\active \let_\codeunder
+    \catcode\rquoteChar=\active \catcode\lquoteChar=\active
+    \let'\codequoteright \let`\codequoteleft
+    %
+    \catcode\dashChar=\active  \catcode\underChar=\active
+    \ifallowcodebreaks
+     \let-\codedash
+     \let_\codeunder
+    \else
+     \let-\realdash
+     \let_\realunder
+    \fi
     \codex
   }
 }
@@ -1834,6 +2501,28 @@ where each line of input produces a line of output.}
 }
 \def\codex #1{\tclose{#1}\endgroup}
 
+% An additional complication: the above will allow breaks after, e.g.,
+% each of the four underscores in __typeof__.  This is undesirable in
+% some manuals, especially if they don't have long identifiers in
+% general.  @allowcodebreaks provides a way to control this.
+% 
+\newif\ifallowcodebreaks  \allowcodebreakstrue
+
+\def\keywordtrue{true}
+\def\keywordfalse{false}
+
+\parseargdef\allowcodebreaks{%
+  \def\txiarg{#1}%
+  \ifx\txiarg\keywordtrue
+    \allowcodebreakstrue
+  \else\ifx\txiarg\keywordfalse
+    \allowcodebreaksfalse
+  \else
+    \errhelp = \EMsimple
+    \errmessage{Unknown @allowcodebreaks option `\txiarg'}%
+  \fi\fi
+}
+
 % @kbd is like @code, except that if the argument is just one @key command,
 % then @kbd has no effect.
 
@@ -1841,16 +2530,16 @@ where each line of input produces a line of output.}
 %   `example' (@kbd uses ttsl only inside of @example and friends),
 %   or `code' (@kbd uses normal tty font always).
 \parseargdef\kbdinputstyle{%
-  \def\arg{#1}%
-  \ifx\arg\worddistinct
+  \def\txiarg{#1}%
+  \ifx\txiarg\worddistinct
     \gdef\kbdexamplefont{\ttsl}\gdef\kbdfont{\ttsl}%
-  \else\ifx\arg\wordexample
+  \else\ifx\txiarg\wordexample
     \gdef\kbdexamplefont{\ttsl}\gdef\kbdfont{\tt}%
-  \else\ifx\arg\wordcode
+  \else\ifx\txiarg\wordcode
     \gdef\kbdexamplefont{\tt}\gdef\kbdfont{\tt}%
   \else
     \errhelp = \EMsimple
-    \errmessage{Unknown @kbdinputstyle option `\arg'}%
+    \errmessage{Unknown @kbdinputstyle option `\txiarg'}%
   \fi\fi\fi
 }
 \def\worddistinct{distinct}
@@ -1962,7 +2651,7 @@ where each line of input produces a line of output.}
 % 
 \def\abbr#1{\doabbr #1,,\finish}
 \def\doabbr#1,#2,#3\finish{%
-  {\frenchspacing #1}%
+  {\plainfrenchspacing #1}%
   \def\temp{#2}%
   \ifx\temp\empty \else
     \space ({\unsepspaces \ignorespaces \temp \unskip})%
@@ -2000,7 +2689,7 @@ where each line of input produces a line of output.}
 \def\eurofont{%
   % We set the font at each command, rather than predefining it in
   % \textfonts and the other font-switching commands, so that
-  % installations which never need the symbold don't have to have the
+  % installations which never need the symbol don't have to have the
   % font installed.
   % 
   % There is only one designed size (nominal 10pt), so we always scale
@@ -2021,6 +2710,35 @@ where each line of input produces a line of output.}
   \thiseurofont
 }
 
+% Hacks for glyphs from the EC fonts similar to \euro.  We don't
+% use \let for the aliases, because sometimes we redefine the original
+% macro, and the alias should reflect the redefinition.
+\def\guillemetleft{{\ecfont \char"13}}
+\def\guillemotleft{\guillemetleft}
+\def\guillemetright{{\ecfont \char"14}}
+\def\guillemotright{\guillemetright}
+\def\guilsinglleft{{\ecfont \char"0E}}
+\def\guilsinglright{{\ecfont \char"0F}}
+\def\quotedblbase{{\ecfont \char"12}}
+\def\quotesinglbase{{\ecfont \char"0D}}
+%
+\def\ecfont{%
+  % We can't distinguish serif/sanserif and italic/slanted, but this
+  % is used for crude hacks anyway (like adding French and German
+  % quotes to documents typeset with CM, where we lose kerning), so
+  % hopefully nobody will notice/care.
+  \edef\ecsize{\csname\curfontsize ecsize\endcsname}%
+  \edef\nominalsize{\csname\curfontsize nominalsize\endcsname}%
+  \ifx\curfontstyle\bfstylename
+    % bold:
+    \font\thisecfont = ecb\ifusingit{i}{x}\ecsize \space at \nominalsize
+  \else
+    % regular:
+    \font\thisecfont = ec\ifusingit{ti}{rm}\ecsize \space at \nominalsize
+  \fi
+  \thisecfont
+}
+
 % @registeredsymbol - R in a circle.  The font for the R should really
 % be smaller yet, but lllsize is the best we can do for now.
 % Adapted from the plain.tex definition of \copyright.
@@ -2031,6 +2749,10 @@ where each line of input produces a line of output.}
     }$%
 }
 
+% @textdegree - the normal degrees sign.
+%
+\def\textdegree{$^\circ$}
+
 % Laurent Siebenmann reports \Orb undefined with:
 %  Textures 1.7.7 (preloaded format=plain 93.10.14)  (68K)  16 APR 2004 02:38
 % so we'll define it if necessary.
@@ -2039,6 +2761,12 @@ where each line of input produces a line of output.}
 \def\Orb{\mathhexbox20D}
 \fi
 
+% Quotes.
+\chardef\quotedblleft="5C
+\chardef\quotedblright=`\"
+\chardef\quoteleft=`\`
+\chardef\quoteright=`\'
+
 
 \message{page headings,}
 
@@ -2202,12 +2930,39 @@ where each line of input produces a line of output.}
   %
   % Leave some space for the footline.  Hopefully ok to assume
   % @evenfooting will not be used by itself.
-  \global\advance\pageheight by -\baselineskip
-  \global\advance\vsize by -\baselineskip
+  \global\advance\pageheight by -12pt
+  \global\advance\vsize by -12pt
 }
 
 \parseargdef\everyfooting{\oddfootingxxx{#1}\evenfootingxxx{#1}}
 
+% @evenheadingmarks top     \thischapter <- chapter at the top of a page
+% @evenheadingmarks bottom  \thischapter <- chapter at the bottom of a page
+%
+% The same set of arguments for:
+%
+% @oddheadingmarks
+% @evenfootingmarks
+% @oddfootingmarks
+% @everyheadingmarks
+% @everyfootingmarks
+
+\def\evenheadingmarks{\headingmarks{even}{heading}}
+\def\oddheadingmarks{\headingmarks{odd}{heading}}
+\def\evenfootingmarks{\headingmarks{even}{footing}}
+\def\oddfootingmarks{\headingmarks{odd}{footing}}
+\def\everyheadingmarks#1 {\headingmarks{even}{heading}{#1}
+                          \headingmarks{odd}{heading}{#1} }
+\def\everyfootingmarks#1 {\headingmarks{even}{footing}{#1}
+                          \headingmarks{odd}{footing}{#1} }
+% #1 = even/odd, #2 = heading/footing, #3 = top/bottom.
+\def\headingmarks#1#2#3 {%
+  \expandafter\let\expandafter\temp \csname get#3headingmarks\endcsname
+  \global\expandafter\let\csname get#1#2marks\endcsname \temp
+}
+
+\everyheadingmarks bottom
+\everyfootingmarks bottom
 
 % @headings double      turns headings on for double-sided printing.
 % @headings single      turns headings on for single-sided printing.
@@ -2862,6 +3617,7 @@ where each line of input produces a line of output.}
 
 \def\doignore#1{\begingroup
   % Scan in ``verbatim'' mode:
+  \obeylines
   \catcode`\@ = \other
   \catcode`\{ = \other
   \catcode`\} = \other
@@ -2882,16 +3638,16 @@ where each line of input produces a line of output.}
   \gdef\dodoignore#1{%
     % #1 contains the command name as a string, e.g., `ifinfo'.
     %
-    % Define a command to find the next `@end #1', which must be on a line
-    % by itself.
-    \long\def\doignoretext##1^^M@end #1{\doignoretextyyy##1^^M@#1\_STOP_}%
+    % Define a command to find the next `@end #1'.
+    \long\def\doignoretext##1^^M@end #1{%
+      \doignoretextyyy##1^^M@#1\_STOP_}%
+    %
     % And this command to find another #1 command, at the beginning of a
     % line.  (Otherwise, we would consider a line `@c @ifset', for
     % example, to count as an @ifset for nesting.)
     \long\def\doignoretextyyy##1^^M@#1##2\_STOP_{\doignoreyyy{##2}\_STOP_}%
     %
     % And now expand that command.
-    \obeylines %
     \doignoretext ^^M%
   }%
 }
@@ -2921,7 +3677,12 @@ where each line of input produces a line of output.}
 }
 
 % Finish off ignored text.
-\def\enddoignore{\endgroup\ignorespaces}
+{ \obeylines%
+  % Ignore anything after the last `@end #1'; this matters in verbatim
+  % environments, where otherwise the newline after an ignored conditional
+  % would result in a blank line in the output.
+  \gdef\enddoignore#1^^M{\endgroup\ignorespaces}%
+}
 
 
 % @set VAR sets the variable VAR to an empty value.
@@ -3121,42 +3882,50 @@ where each line of input produces a line of output.}
 % we have to laboriously prevent expansion for those that we don't.
 %
 \def\indexdummies{%
+  \escapechar = `\\     % use backslash in output files.
   \def\@{@}% change to @@ when we switch to @ as escape char in index files.
   \def\ {\realbackslash\space }%
+  %
   % Need these in case \tex is in effect and \{ is a \delimiter again.
   % But can't use \lbracecmd and \rbracecmd because texindex assumes
   % braces and backslashes are used only as delimiters.
   \let\{ = \mylbrace
   \let\} = \myrbrace
   %
-  % \definedummyword defines \#1 as \realbackslash #1\space, thus
-  % effectively preventing its expansion.  This is used only for control
-  % words, not control letters, because the \space would be incorrect
-  % for control characters, but is needed to separate the control word
-  % from whatever follows.
-  %
-  % For control letters, we have \definedummyletter, which omits the
-  % space.
-  %
-  % These can be used both for control words that take an argument and
-  % those that do not.  If it is followed by {arg} in the input, then
-  % that will dutifully get written to the index (or wherever).
-  %
-  \def\definedummyword##1{%
-    \expandafter\def\csname ##1\endcsname{\realbackslash ##1\space}%
-  }%
-  \def\definedummyletter##1{%
-    \expandafter\def\csname ##1\endcsname{\realbackslash ##1}%
-  }%
-  \let\definedummyaccent\definedummyletter
+  % I don't entirely understand this, but when an index entry is
+  % generated from a macro call, the \endinput which \scanmacro inserts
+  % causes processing to be prematurely terminated.  This is,
+  % apparently, because \indexsorttmp is fully expanded, and \endinput
+  % is an expandable command.  The redefinition below makes \endinput
+  % disappear altogether for that purpose -- although logging shows that
+  % processing continues to some further point.  On the other hand, it
+  % seems \endinput does not hurt in the printed index arg, since that
+  % is still getting written without apparent harm.
+  % 
+  % Sample source (mac-idx3.tex, reported by Graham Percival to
+  % help-texinfo, 22may06):
+  % @macro funindex {WORD}
+  % @findex xyz
+  % @end macro
+  % ...
+  % @funindex commtest
+  % 
+  % The above is not enough to reproduce the bug, but it gives the flavor.
+  % 
+  % Sample whatsit resulting:
+  % .@write3{\entry{xyz}{@folio }{@code {xyz@endinput }}}
+  % 
+  % So:
+  \let\endinput = \empty
   %
   % Do the redefinitions.
   \commondummies
 }
 
-% For the aux file, @ is the escape character.  So we want to redefine
-% everything using @ instead of \realbackslash.  When everything uses
-% @, this will be simpler.
+% For the aux and toc files, @ is the escape character.  So we want to
+% redefine everything using @ as the escape character (instead of
+% \realbackslash, still used for index files).  When everything uses @,
+% this will be simpler.
 %
 \def\atdummies{%
   \def\@{@@}%
@@ -3164,147 +3933,162 @@ where each line of input produces a line of output.}
   \let\{ = \lbraceatcmd
   \let\} = \rbraceatcmd
   %
-  % (See comments in \indexdummies.)
-  \def\definedummyword##1{%
-    \expandafter\def\csname ##1\endcsname{@##1\space}%
-  }%
-  \def\definedummyletter##1{%
-    \expandafter\def\csname ##1\endcsname{@##1}%
-  }%
-  \let\definedummyaccent\definedummyletter
-  %
   % Do the redefinitions.
   \commondummies
+  \otherbackslash
 }
 
-% Called from \indexdummies and \atdummies.  \definedummyword and
-% \definedummyletter must be defined first.
+% Called from \indexdummies and \atdummies.
 %
 \def\commondummies{%
   %
-  \normalturnoffactive
+  % \definedummyword defines \#1 as \string\#1\space, thus effectively
+  % preventing its expansion.  This is used only for control% words,
+  % not control letters, because the \space would be incorrect for
+  % control characters, but is needed to separate the control word
+  % from whatever follows.
+  %
+  % For control letters, we have \definedummyletter, which omits the
+  % space.
+  %
+  % These can be used both for control words that take an argument and
+  % those that do not.  If it is followed by {arg} in the input, then
+  % that will dutifully get written to the index (or wherever).
+  %
+  \def\definedummyword  ##1{\def##1{\string##1\space}}%
+  \def\definedummyletter##1{\def##1{\string##1}}%
+  \let\definedummyaccent\definedummyletter
   %
   \commondummiesnofonts
   %
-  \definedummyletter{_}%
+  \definedummyletter\_%
   %
   % Non-English letters.
-  \definedummyword{AA}%
-  \definedummyword{AE}%
-  \definedummyword{L}%
-  \definedummyword{OE}%
-  \definedummyword{O}%
-  \definedummyword{aa}%
-  \definedummyword{ae}%
-  \definedummyword{l}%
-  \definedummyword{oe}%
-  \definedummyword{o}%
-  \definedummyword{ss}%
-  \definedummyword{exclamdown}%
-  \definedummyword{questiondown}%
-  \definedummyword{ordf}%
-  \definedummyword{ordm}%
+  \definedummyword\AA
+  \definedummyword\AE
+  \definedummyword\L
+  \definedummyword\OE
+  \definedummyword\O
+  \definedummyword\aa
+  \definedummyword\ae
+  \definedummyword\l
+  \definedummyword\oe
+  \definedummyword\o
+  \definedummyword\ss
+  \definedummyword\exclamdown
+  \definedummyword\questiondown
+  \definedummyword\ordf
+  \definedummyword\ordm
   %
   % Although these internal commands shouldn't show up, sometimes they do.
-  \definedummyword{bf}%
-  \definedummyword{gtr}%
-  \definedummyword{hat}%
-  \definedummyword{less}%
-  \definedummyword{sf}%
-  \definedummyword{sl}%
-  \definedummyword{tclose}%
-  \definedummyword{tt}%
-  %
-  \definedummyword{LaTeX}%
-  \definedummyword{TeX}%
+  \definedummyword\bf
+  \definedummyword\gtr
+  \definedummyword\hat
+  \definedummyword\less
+  \definedummyword\sf
+  \definedummyword\sl
+  \definedummyword\tclose
+  \definedummyword\tt
+  %
+  \definedummyword\LaTeX
+  \definedummyword\TeX
   %
   % Assorted special characters.
-  \definedummyword{bullet}%
-  \definedummyword{comma}%
-  \definedummyword{copyright}%
-  \definedummyword{registeredsymbol}%
-  \definedummyword{dots}%
-  \definedummyword{enddots}%
-  \definedummyword{equiv}%
-  \definedummyword{error}%
-  \definedummyword{euro}%
-  \definedummyword{expansion}%
-  \definedummyword{minus}%
-  \definedummyword{pounds}%
-  \definedummyword{point}%
-  \definedummyword{print}%
-  \definedummyword{result}%
+  \definedummyword\bullet
+  \definedummyword\comma
+  \definedummyword\copyright
+  \definedummyword\registeredsymbol
+  \definedummyword\dots
+  \definedummyword\enddots
+  \definedummyword\equiv
+  \definedummyword\error
+  \definedummyword\euro
+  \definedummyword\guillemetleft
+  \definedummyword\guillemetright
+  \definedummyword\guilsinglleft
+  \definedummyword\guilsinglright
+  \definedummyword\expansion
+  \definedummyword\minus
+  \definedummyword\pounds
+  \definedummyword\point
+  \definedummyword\print
+  \definedummyword\quotedblbase
+  \definedummyword\quotedblleft
+  \definedummyword\quotedblright
+  \definedummyword\quoteleft
+  \definedummyword\quoteright
+  \definedummyword\quotesinglbase
+  \definedummyword\result
+  \definedummyword\textdegree
+  %
+  % We want to disable all macros so that they are not expanded by \write.
+  \macrolist
+  %
+  \normalturnoffactive
   %
   % Handle some cases of @value -- where it does not contain any
   % (non-fully-expandable) commands.
   \makevalueexpandable
-  %
-  % Normal spaces, not active ones.
-  \unsepspaces
-  %
-  % No macro expansion.
-  \turnoffmacros
 }
 
 % \commondummiesnofonts: common to \commondummies and \indexnofonts.
 %
-% Better have this without active chars.
-{
-  \catcode`\~=\other
-  \gdef\commondummiesnofonts{%
-    % Control letters and accents.
-    \definedummyletter{!}%
-    \definedummyaccent{"}%
-    \definedummyaccent{'}%
-    \definedummyletter{*}%
-    \definedummyaccent{,}%
-    \definedummyletter{.}%
-    \definedummyletter{/}%
-    \definedummyletter{:}%
-    \definedummyaccent{=}%
-    \definedummyletter{?}%
-    \definedummyaccent{^}%
-    \definedummyaccent{`}%
-    \definedummyaccent{~}%
-    \definedummyword{u}%
-    \definedummyword{v}%
-    \definedummyword{H}%
-    \definedummyword{dotaccent}%
-    \definedummyword{ringaccent}%
-    \definedummyword{tieaccent}%
-    \definedummyword{ubaraccent}%
-    \definedummyword{udotaccent}%
-    \definedummyword{dotless}%
-    %
-    % Texinfo font commands.
-    \definedummyword{b}%
-    \definedummyword{i}%
-    \definedummyword{r}%
-    \definedummyword{sc}%
-    \definedummyword{t}%
-    %
-    % Commands that take arguments.
-    \definedummyword{acronym}%
-    \definedummyword{cite}%
-    \definedummyword{code}%
-    \definedummyword{command}%
-    \definedummyword{dfn}%
-    \definedummyword{emph}%
-    \definedummyword{env}%
-    \definedummyword{file}%
-    \definedummyword{kbd}%
-    \definedummyword{key}%
-    \definedummyword{math}%
-    \definedummyword{option}%
-    \definedummyword{samp}%
-    \definedummyword{strong}%
-    \definedummyword{tie}%
-    \definedummyword{uref}%
-    \definedummyword{url}%
-    \definedummyword{var}%
-    \definedummyword{verb}%
-    \definedummyword{w}%
-  }
+\def\commondummiesnofonts{%
+  % Control letters and accents.
+  \definedummyletter\!%
+  \definedummyaccent\"%
+  \definedummyaccent\'%
+  \definedummyletter\*%
+  \definedummyaccent\,%
+  \definedummyletter\.%
+  \definedummyletter\/%
+  \definedummyletter\:%
+  \definedummyaccent\=%
+  \definedummyletter\?%
+  \definedummyaccent\^%
+  \definedummyaccent\`%
+  \definedummyaccent\~%
+  \definedummyword\u
+  \definedummyword\v
+  \definedummyword\H
+  \definedummyword\dotaccent
+  \definedummyword\ringaccent
+  \definedummyword\tieaccent
+  \definedummyword\ubaraccent
+  \definedummyword\udotaccent
+  \definedummyword\dotless
+  %
+  % Texinfo font commands.
+  \definedummyword\b
+  \definedummyword\i
+  \definedummyword\r
+  \definedummyword\sc
+  \definedummyword\t
+  %
+  % Commands that take arguments.
+  \definedummyword\acronym
+  \definedummyword\cite
+  \definedummyword\code
+  \definedummyword\command
+  \definedummyword\dfn
+  \definedummyword\emph
+  \definedummyword\env
+  \definedummyword\file
+  \definedummyword\kbd
+  \definedummyword\key
+  \definedummyword\math
+  \definedummyword\option
+  \definedummyword\pxref
+  \definedummyword\ref
+  \definedummyword\samp
+  \definedummyword\strong
+  \definedummyword\tie
+  \definedummyword\uref
+  \definedummyword\url
+  \definedummyword\var
+  \definedummyword\verb
+  \definedummyword\w
+  \definedummyword\xref
 }
 
 % \indexnofonts is used when outputting the strings to sort the index
@@ -3314,13 +4098,9 @@ where each line of input produces a line of output.}
 %
 \def\indexnofonts{%
   % Accent commands should become @asis.
-  \def\definedummyaccent##1{%
-    \expandafter\let\csname ##1\endcsname\asis
-  }%
+  \def\definedummyaccent##1{\let##1\asis}%
   % We can just ignore other control letters.
-  \def\definedummyletter##1{%
-    \expandafter\def\csname ##1\endcsname{}%
-  }%
+  \def\definedummyletter##1{\let##1\empty}%
   % Hopefully, all control words can become @asis.
   \let\definedummyword\definedummyaccent
   %
@@ -3367,15 +4147,35 @@ where each line of input produces a line of output.}
   \def\equiv{==}%
   \def\error{error}%
   \def\euro{euro}%
+  \def\guillemetleft{<<}%
+  \def\guillemetright{>>}%
+  \def\guilsinglleft{<}%
+  \def\guilsinglright{>}%
   \def\expansion{==>}%
   \def\minus{-}%
   \def\pounds{pounds}%
   \def\point{.}%
   \def\print{-|}%
+  \def\quotedblbase{"}%
+  \def\quotedblleft{"}%
+  \def\quotedblright{"}%
+  \def\quoteleft{`}%
+  \def\quoteright{'}%
+  \def\quotesinglbase{,}%
   \def\result{=>}%
+  \def\textdegree{degrees}%
   %
-  % Don't write macro names.
-  \emptyusermacros
+  % We need to get rid of all macros, leaving only the arguments (if present).
+  % Of course this is not nearly correct, but it is the best we can do for now.
+  % makeinfo does not expand macros in the argument to @deffn, which ends up
+  % writing an index entry, and texindex isn't prepared for an index sort entry
+  % that starts with \.
+  % 
+  % Since macro invocations are followed by braces, we can just redefine them
+  % to take a single TeX argument.  The case of a macro invocation that
+  % goes to end-of-line is not handled.
+  % 
+  \macrolist
 }
 
 \let\indexbackslash=0  %overridden during \printindex.
@@ -3403,11 +4203,7 @@ where each line of input produces a line of output.}
     %
     \edef\writeto{\csname#1indfile\endcsname}%
     %
-    \ifvmode
-      \dosubindsanitize
-    \else
-      \dosubindwrite
-    \fi
+    \safewhatsit\dosubindwrite
   }%
   \fi
 }
@@ -3422,7 +4218,6 @@ where each line of input produces a line of output.}
   %
   % Remember, we are within a group.
   \indexdummies % Must do this here, since \bf, etc expand at this stage
-  \escapechar=`\\
   \def\backslashcurfont{\indexbackslash}% \indexbackslash isn't defined now
       % so it will be output as is; and it will print as backslash.
   %
@@ -3445,13 +4240,13 @@ where each line of input produces a line of output.}
   \temp
 }
 
-% Take care of unwanted page breaks:
+% Take care of unwanted page breaks/skips around a whatsit:
 %
 % If a skip is the last thing on the list now, preserve it
 % by backing up by \lastskip, doing the \write, then inserting
 % the skip again.  Otherwise, the whatsit generated by the
-% \write will make \lastskip zero.  The result is that sequences
-% like this:
+% \write or \pdfdest will make \lastskip zero.  The result is that
+% sequences like this:
 % @end defun
 % @tindex whatever
 % @defun ...
@@ -3475,25 +4270,31 @@ where each line of input produces a line of output.}
 %
 \edef\zeroskipmacro{\expandafter\the\csname z@skip\endcsname}
 %
+\newskip\whatsitskip
+\newcount\whatsitpenalty
+%
 % ..., ready, GO:
 %
-\def\dosubindsanitize{%
+\def\safewhatsit#1{%
+\ifhmode
+  #1%
+\else
   % \lastskip and \lastpenalty cannot both be nonzero simultaneously.
-  \skip0 = \lastskip
+  \whatsitskip = \lastskip
   \edef\lastskipmacro{\the\lastskip}%
-  \count255 = \lastpenalty
+  \whatsitpenalty = \lastpenalty
   %
   % If \lastskip is nonzero, that means the last item was a
   % skip.  And since a skip is discardable, that means this
-  % -\skip0 glue we're inserting is preceded by a
+  % -\whatsitskip glue we're inserting is preceded by a
   % non-discardable item, therefore it is not a potential
   % breakpoint, therefore no \nobreak needed.
   \ifx\lastskipmacro\zeroskipmacro
   \else
-    \vskip-\skip0
+    \vskip-\whatsitskip
   \fi
   %
-  \dosubindwrite
+  #1%
   %
   \ifx\lastskipmacro\zeroskipmacro
     % If \lastskip was zero, perhaps the last item was a penalty, and
@@ -3507,13 +4308,14 @@ where each line of input produces a line of output.}
     %   Description.
     % would allow a break between the index-whatever whatsit
     % and the "Description." paragraph.
-    \ifnum\count255>9999 \penalty\count255 \fi
+    \ifnum\whatsitpenalty>9999 \penalty\whatsitpenalty \fi
   \else
     % On the other hand, if we had a nonzero \lastskip,
     % this make-up glue would be preceded by a non-discardable item
     % (the whatsit from the \write), so we must insert a \nobreak.
-    \nobreak\vskip\skip0
+    \nobreak\vskip\whatsitskip
   \fi
+\fi
 }
 
 % The index entry written in the file actually looks like
@@ -3556,6 +4358,7 @@ where each line of input produces a line of output.}
   %
   \smallfonts \rm
   \tolerance = 9500
+  \plainfrenchspacing
   \everypar = {}% don't want the \kern\-parindent from indentation suppression.
   %
   % See if the index file exists and is nonempty.
@@ -3685,11 +4488,8 @@ where each line of input produces a line of output.}
     % The following is kludged to not output a line of dots in the index if
     % there are no page numbers.  The next person who breaks this will be
     % cursed by a Unix daemon.
-    \def\tempa{{\rm }}%
-    \def\tempb{#1}%
-    \edef\tempc{\tempa}%
-    \edef\tempd{\tempb}%
-    \ifx\tempc\tempd
+    \setbox\boxA = \hbox{#1}%
+    \ifdim\wd\boxA = 0pt
       \ %
     \else
       %
@@ -3713,9 +4513,9 @@ where each line of input produces a line of output.}
   \endgroup
 }
 
-% Like \dotfill except takes at least 1 em.
+% Like plain.tex's \dotfill, except uses up at least 1 em.
 \def\indexdotfill{\cleaders
-  \hbox{$\mathsurround=0pt \mkern1.5mu ${\it .}$ \mkern1.5mu$}\hskip 1em plus 1fill}
+  \hbox{$\mathsurround=0pt \mkern1.5mu.\mkern1.5mu$}\hskip 1em plus 1fill}
 
 \def\primary #1{\line{#1\hfil}}
 
@@ -3825,6 +4625,34 @@ where each line of input produces a line of output.}
 %
 % All done with double columns.
 \def\enddoublecolumns{%
+  % The following penalty ensures that the page builder is exercised
+  % _before_ we change the output routine.  This is necessary in the
+  % following situation:
+  %
+  % The last section of the index consists only of a single entry.
+  % Before this section, \pagetotal is less than \pagegoal, so no
+  % break occurs before the last section starts.  However, the last
+  % section, consisting of \initial and the single \entry, does not
+  % fit on the page and has to be broken off.  Without the following
+  % penalty the page builder will not be exercised until \eject
+  % below, and by that time we'll already have changed the output
+  % routine to the \balancecolumns version, so the next-to-last
+  % double-column page will be processed with \balancecolumns, which
+  % is wrong:  The two columns will go to the main vertical list, with
+  % the broken-off section in the recent contributions.  As soon as
+  % the output routine finishes, TeX starts reconsidering the page
+  % break.  The two columns and the broken-off section both fit on the
+  % page, because the two columns now take up only half of the page
+  % goal.  When TeX sees \eject from below which follows the final
+  % section, it invokes the new output routine that we've set after
+  % \balancecolumns below; \onepageout will try to fit the two columns
+  % and the final section into the vbox of \pageheight (see
+  % \pagebody), causing an overfull box.
+  %
+  % Note that glue won't work here, because glue does not exercise the
+  % page builder, unlike penalties (see The TeXbook, pp. 280-281).
+  \penalty0
+  %
   \output = {%
     % Split the last of the double-column material.  Leave it on the
     % current page, no automatic page break.
@@ -3934,11 +4762,15 @@ where each line of input produces a line of output.}
   \fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi
   \fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi\fi}
 
-% Each @chapter defines this as the name of the chapter.
-% page headings and footings can use it.  @section does likewise.
-% However, they are not reliable, because we don't use marks.
+% Each @chapter defines these (using marks) as the number+name, number
+% and name of the chapter.  Page headings and footings can use
+% these.  @section does likewise.
 \def\thischapter{}
+\def\thischapternum{}
+\def\thischaptername{}
 \def\thissection{}
+\def\thissectionnum{}
+\def\thissectionname{}
 
 \newcount\absseclevel % used to calculate proper heading level
 \newcount\secbase\secbase=0 % @raisesections/@lowersections modify this count
@@ -4239,7 +5071,20 @@ where each line of input produces a line of output.}
 
 \def\chapbreak{\dobreak \chapheadingskip {-4000}}
 \def\chappager{\par\vfill\supereject}
-\def\chapoddpage{\chappager \ifodd\pageno \else \hbox to 0pt{} \chappager\fi}
+% Because \domark is called before \chapoddpage, the filler page will
+% get the headings for the next chapter, which is wrong.  But we don't
+% care -- we just disable all headings on the filler page.
+\def\chapoddpage{%
+  \chappager
+  \ifodd\pageno \else
+    \begingroup
+      \evenheadline={\hfil}\evenfootline={\hfil}%
+      \oddheadline={\hfil}\oddfootline={\hfil}%
+      \hbox to 0pt{}%
+      \chappager
+    \endgroup
+  \fi
+}
 
 \def\setchapternewpage #1 {\csname CHAPPAG#1\endcsname}
 
@@ -4273,41 +5118,72 @@ where each line of input produces a line of output.}
 \def\Yappendixkeyword{Yappendix}
 %
 \def\chapmacro#1#2#3{%
+  % Insert the first mark before the heading break (see notes for \domark).
+  \let\prevchapterdefs=\lastchapterdefs
+  \let\prevsectiondefs=\lastsectiondefs
+  \gdef\lastsectiondefs{\gdef\thissectionname{}\gdef\thissectionnum{}%
+                        \gdef\thissection{}}%
+  %
+  \def\temptype{#2}%
+  \ifx\temptype\Ynothingkeyword
+    \gdef\lastchapterdefs{\gdef\thischaptername{#1}\gdef\thischapternum{}%
+                          \gdef\thischapter{\thischaptername}}%
+  \else\ifx\temptype\Yomitfromtockeyword
+    \gdef\lastchapterdefs{\gdef\thischaptername{#1}\gdef\thischapternum{}%
+                          \gdef\thischapter{}}%
+  \else\ifx\temptype\Yappendixkeyword
+    \toks0={#1}%
+    \xdef\lastchapterdefs{%
+      \gdef\noexpand\thischaptername{\the\toks0}%
+      \gdef\noexpand\thischapternum{\appendixletter}%
+      \gdef\noexpand\thischapter{\putwordAppendix{} \noexpand\thischapternum:
+                                 \noexpand\thischaptername}%
+    }%
+  \else
+    \toks0={#1}%
+    \xdef\lastchapterdefs{%
+      \gdef\noexpand\thischaptername{\the\toks0}%
+      \gdef\noexpand\thischapternum{\the\chapno}%
+      \gdef\noexpand\thischapter{\putwordChapter{} \noexpand\thischapternum:
+                                 \noexpand\thischaptername}%
+    }%
+  \fi\fi\fi
+  %
+  % Output the mark.  Pass it through \safewhatsit, to take care of
+  % the preceding space.
+  \safewhatsit\domark
+  %
+  % Insert the chapter heading break.
   \pchapsepmacro
+  %
+  % Now the second mark, after the heading break.  No break points
+  % between here and the heading.
+  \let\prevchapterdefs=\lastchapterdefs
+  \let\prevsectiondefs=\lastsectiondefs
+  \domark
+  %
   {%
     \chapfonts \rm
     %
-    % Have to define \thissection before calling \donoderef, because the
+    % Have to define \lastsection before calling \donoderef, because the
     % xref code eventually uses it.  On the other hand, it has to be called
     % after \pchapsepmacro, or the headline will change too soon.
-    \gdef\thissection{#1}%
-    \gdef\thischaptername{#1}%
+    \gdef\lastsection{#1}%
     %
     % Only insert the separating space if we have a chapter/appendix
     % number, and don't print the unnumbered ``number''.
-    \def\temptype{#2}%
     \ifx\temptype\Ynothingkeyword
       \setbox0 = \hbox{}%
       \def\toctype{unnchap}%
-      \def\thischapter{#1}%
     \else\ifx\temptype\Yomitfromtockeyword
       \setbox0 = \hbox{}% contents like unnumbered, but no toc entry
       \def\toctype{omit}%
-      \xdef\thischapter{}%
     \else\ifx\temptype\Yappendixkeyword
       \setbox0 = \hbox{\putwordAppendix{} #3\enspace}%
       \def\toctype{app}%
-      % We don't substitute the actual chapter name into \thischapter
-      % because we don't want its macros evaluated now.  And we don't
-      % use \thissection because that changes with each section.
-      %
-      \xdef\thischapter{\putwordAppendix{} \appendixletter:
-                        \noexpand\thischaptername}%
     \else
       \setbox0 = \hbox{#3\enspace}%
       \def\toctype{numchap}%
-      \xdef\thischapter{\putwordChapter{} \the\chapno:
-                        \noexpand\thischaptername}%
     \fi\fi\fi
     %
     % Write the toc entry for this chapter.  Must come before the
@@ -4323,6 +5199,7 @@ where each line of input produces a line of output.}
     \donoderef{#2}%
     %
     % Typeset the actual heading.
+    \nobreak % Avoid page breaks at the interline glue.
     \vbox{\hyphenpenalty=10000 \tolerance=5000 \parindent=0pt \raggedright
           \hangindent=\wd0 \centerparametersmaybe
           \unhbox0 #1\par}%
@@ -4385,45 +5262,95 @@ where each line of input produces a line of output.}
 % the section type for xrefs (Ynumbered, Ynothing, Yappendix), #4 is the
 % section number.
 %
+\def\seckeyword{sec}
+%
 \def\sectionheading#1#2#3#4{%
   {%
     % Switch to the right set of fonts.
     \csname #2fonts\endcsname \rm
     %
+    \def\sectionlevel{#2}%
+    \def\temptype{#3}%
+    %
+    % Insert first mark before the heading break (see notes for \domark).
+    \let\prevsectiondefs=\lastsectiondefs
+    \ifx\temptype\Ynothingkeyword
+      \ifx\sectionlevel\seckeyword
+        \gdef\lastsectiondefs{\gdef\thissectionname{#1}\gdef\thissectionnum{}%
+                              \gdef\thissection{\thissectionname}}%
+      \fi
+    \else\ifx\temptype\Yomitfromtockeyword
+      % Don't redefine \thissection.
+    \else\ifx\temptype\Yappendixkeyword
+      \ifx\sectionlevel\seckeyword
+        \toks0={#1}%
+        \xdef\lastsectiondefs{%
+          \gdef\noexpand\thissectionname{\the\toks0}%
+          \gdef\noexpand\thissectionnum{#4}%
+          \gdef\noexpand\thissection{\putwordSection{} \noexpand\thissectionnum:
+                                     \noexpand\thissectionname}%
+        }%
+      \fi
+    \else
+      \ifx\sectionlevel\seckeyword
+        \toks0={#1}%
+        \xdef\lastsectiondefs{%
+          \gdef\noexpand\thissectionname{\the\toks0}%
+          \gdef\noexpand\thissectionnum{#4}%
+          \gdef\noexpand\thissection{\putwordSection{} \noexpand\thissectionnum:
+                                     \noexpand\thissectionname}%
+        }%
+      \fi
+    \fi\fi\fi
+    %
+    % Output the mark.  Pass it through \safewhatsit, to take care of
+    % the preceding space.
+    \safewhatsit\domark
+    %
     % Insert space above the heading.
     \csname #2headingbreak\endcsname
     %
-    % Only insert the space after the number if we have a section number.
-    \def\sectionlevel{#2}%
-    \def\temptype{#3}%
+    % Now the second mark, after the heading break.  No break points
+    % between here and the heading.
+    \let\prevsectiondefs=\lastsectiondefs
+    \domark
     %
+    % Only insert the space after the number if we have a section number.
     \ifx\temptype\Ynothingkeyword
       \setbox0 = \hbox{}%
       \def\toctype{unn}%
-      \gdef\thissection{#1}%
+      \gdef\lastsection{#1}%
     \else\ifx\temptype\Yomitfromtockeyword
       % for @headings -- no section number, don't include in toc,
-      % and don't redefine \thissection.
+      % and don't redefine \lastsection.
       \setbox0 = \hbox{}%
       \def\toctype{omit}%
       \let\sectionlevel=\empty
     \else\ifx\temptype\Yappendixkeyword
       \setbox0 = \hbox{#4\enspace}%
       \def\toctype{app}%
-      \gdef\thissection{#1}%
+      \gdef\lastsection{#1}%
     \else
       \setbox0 = \hbox{#4\enspace}%
       \def\toctype{num}%
-      \gdef\thissection{#1}%
+      \gdef\lastsection{#1}%
     \fi\fi\fi
     %
-    % Write the toc entry (before \donoderef).  See comments in \chfplain.
+    % Write the toc entry (before \donoderef).  See comments in \chapmacro.
     \writetocentry{\toctype\sectionlevel}{#1}{#4}%
     %
     % Write the node reference (= pdf destination for pdftex).
-    % Again, see comments in \chfplain.
+    % Again, see comments in \chapmacro.
     \donoderef{#3}%
     %
+    % Interline glue will be inserted when the vbox is completed.
+    % That glue will be a valid breakpoint for the page, since it'll be
+    % preceded by a whatsit (usually from the \donoderef, or from the
+    % \writetocentry if there was no node).  We don't want to allow that
+    % break, since then the whatsits could end up on page n while the
+    % section is on page n+1, thus toc/etc. are wrong.  Debian bug 276000.
+    \nobreak
+    %
     % Output the actual section heading.
     \vbox{\hyphenpenalty=10000 \tolerance=5000 \parindent=0pt \raggedright
           \hangindent=\wd0  % zero if no section number
@@ -4482,11 +5409,11 @@ where each line of input produces a line of output.}
     \fi
     %
     \iflinks
-      \toks0 = {#2}%
-      \toks2 = \expandafter{\lastnode}%
-      \edef\temp{\write\tocfile{\realbackslash #1entry{\the\toks0}{#3}%
-                               {\the\toks2}{\noexpand\folio}}}%
-      \temp
+      {\atdummies
+       \edef\temp{%
+         \write\tocfile{@#1entry{#2}{#3}{\lastnode}{\noexpand\folio}}}%
+       \temp
+      }%
     \fi
   \fi
   %
@@ -4499,6 +5426,31 @@ where each line of input produces a line of output.}
   \ifpdf \global\pdfmakepagedesttrue \fi
 }
 
+
+% These characters do not print properly in the Computer Modern roman
+% fonts, so we must take special care.  This is more or less redundant
+% with the Texinfo input format setup at the end of this file.
+% 
+\def\activecatcodes{%
+  \catcode`\"=\active
+  \catcode`\$=\active
+  \catcode`\<=\active
+  \catcode`\>=\active
+  \catcode`\\=\active
+  \catcode`\^=\active
+  \catcode`\_=\active
+  \catcode`\|=\active
+  \catcode`\~=\active
+}
+
+
+% Read the toc file, which is essentially Texinfo input.
+\def\readtocfile{%
+  \setupdatafile
+  \activecatcodes
+  \input \tocreadfilename
+}
+
 \newskip\contentsrightmargin \contentsrightmargin=1in
 \newcount\savepageno
 \newcount\lastnegativepageno \lastnegativepageno = -1
@@ -4515,29 +5467,29 @@ where each line of input produces a line of output.}
   %
   % Don't need to put `Contents' or `Short Contents' in the headline.
   % It is abundantly clear what they are.
-  \def\thischapter{}%
   \chapmacro{#1}{Yomitfromtoc}{}%
   %
   \savepageno = \pageno
   \begingroup                  % Set up to handle contents files properly.
-    \catcode`\\=0  \catcode`\{=1  \catcode`\}=2  \catcode`\@=11
-    % We can't do this, because then an actual ^ in a section
-    % title fails, e.g., @chapter ^ -- exponentiation.  --karl, 9jul97.
-    %\catcode`\^=7 % to see ^^e4 as \"a etc. juha@piuha.ydi.vtt.fi
-    \raggedbottom             % Worry more about breakpoints than the bottom.
+    \raggedbottom              % Worry more about breakpoints than the bottom.
     \advance\hsize by -\contentsrightmargin % Don't use the full line length.
     %
     % Roman numerals for page numbers.
     \ifnum \pageno>0 \global\pageno = \lastnegativepageno \fi
 }
 
+% redefined for the two-volume lispref.  We always output on
+% \jobname.toc even if this is redefined.
+% 
+\def\tocreadfilename{\jobname.toc}
 
 % Normal (long) toc.
+%
 \def\contents{%
   \startcontents{\putwordTOC}%
-    \openin 1 \jobname.toc
+    \openin 1 \tocreadfilename\space
     \ifeof 1 \else
-      \input \jobname.toc
+      \readtocfile
     \fi
     \vfill \eject
     \contentsalignmacro % in case @setchapternewpage odd is in effect
@@ -4573,9 +5525,9 @@ where each line of input produces a line of output.}
     \let\numsubsubsecentry = \numsecentry
     \let\appsubsubsecentry = \numsecentry
     \let\unnsubsubsecentry = \numsecentry
-    \openin 1 \jobname.toc
+    \openin 1 \tocreadfilename\space
     \ifeof 1 \else
-      \input \jobname.toc
+      \readtocfile
     \fi
     \closein 1
     \vfill \eject
@@ -4717,7 +5669,7 @@ where each line of input produces a line of output.}
 {\tentt \global\dimen0 = 3em}% Width of the box.
 \dimen2 = .55pt % Thickness of rules
 % The text. (`r' is open on the right, `e' somewhat less so on the left.)
-\setbox0 = \hbox{\kern-.75pt \tensf error\kern-1.5pt}
+\setbox0 = \hbox{\kern-.75pt \reducedsf error\kern-1.5pt}
 %
 \setbox\errorbox=\hbox to \dimen0{\hfil
    \hsize = \dimen0 \advance\hsize by -5.8pt % Space to left+right.
@@ -4765,6 +5717,7 @@ where each line of input produces a line of output.}
   \let\/=\ptexslash
   \let\*=\ptexstar
   \let\t=\ptext
+  \let\frenchspacing=\plainfrenchspacing
   %
   \def\endldots{\mathinner{\ldots\ldots\ldots\ldots}}%
   \def\enddots{\relax\ifmmode\endldots\else$\mathsurround=0pt \endldots\,$\fi}%
@@ -4810,7 +5763,8 @@ where each line of input produces a line of output.}
 
 \let\afterenvbreak = \aboveenvbreak
 
-% \nonarrowing is a flag.  If "set", @lisp etc don't narrow margins.
+% \nonarrowing is a flag.  If "set", @lisp etc don't narrow margins; it will
+% also clear it, so that its embedded environments do the narrowing again.
 \let\nonarrowing=\relax
 
 % @cartouche ... @end cartouche: draw rectangle w/rounded corners around
@@ -4847,7 +5801,7 @@ where each line of input produces a line of output.}
                                % each corner char, and rule thickness
   \normbskip=\baselineskip \normpskip=\parskip \normlskip=\lineskip
   % Flag to tell @lisp, etc., not to narrow margin.
-  \let\nonarrowing=\comment
+  \let\nonarrowing = t%
   \vbox\bgroup
       \baselineskip=0pt\parskip=0pt\lineskip=0pt
       \carttop
@@ -4887,11 +5841,11 @@ where each line of input produces a line of output.}
   \parskip = 0pt
   \parindent = 0pt
   \emergencystretch = 0pt % don't try to avoid overfull boxes
-  % @cartouche defines \nonarrowing to inhibit narrowing
-  % at next level down.
   \ifx\nonarrowing\relax
     \advance \leftskip by \lispnarrowing
     \exdentamount=\lispnarrowing
+  \else
+    \let\nonarrowing = \relax
   \fi
   \let\exdent=\nofillexdent
 }
@@ -4906,12 +5860,18 @@ where each line of input produces a line of output.}
 \let\SETdispenvsize\relax
 \def\setnormaldispenv{%
   \ifx\SETdispenvsize\smallword
+    % end paragraph for sake of leading, in case document has no blank
+    % line.  This is redundant with what happens in \aboveenvbreak, but
+    % we need to do it before changing the fonts, and it's inconvenient
+    % to change the fonts afterward.
+    \ifnum \lastpenalty=10000 \else \endgraf \fi
     \smallexamplefonts \rm
   \fi
 }
 \def\setsmalldispenv{%
   \ifx\SETdispenvsize\nosmallword
   \else
+    \ifnum \lastpenalty=10000 \else \endgraf \fi
     \smallexamplefonts \rm
   \fi
 }
@@ -4938,11 +5898,10 @@ where each line of input produces a line of output.}
 %
 \maketwodispenvs {lisp}{example}{%
   \nonfillstart
-  \tt
+  \tt\quoteexpand
   \let\kbdfont = \kbdexamplefont % Allow @kbd to do something special.
   \gobble       % eat return
 }
-
 % @display/@smalldisplay: same as @lisp except keep current font.
 %
 \makedispenv {display}{%
@@ -4991,6 +5950,7 @@ where each line of input produces a line of output.}
     \advance\leftskip by \lispnarrowing
     \advance\rightskip by \lispnarrowing
     \exdentamount = \lispnarrowing
+  \else
     \let\nonarrowing = \relax
   \fi
   \parsearg\quotationlabel
@@ -5069,6 +6029,34 @@ where each line of input produces a line of output.}
 \newdimen\tabw \setbox0=\hbox{\tt\space} \tabw=8\wd0 % tab amount
 %
 \def\starttabbox{\setbox0=\hbox\bgroup}
+
+% Allow an option to not replace quotes with a regular directed right
+% quote/apostrophe (char 0x27), but instead use the undirected quote
+% from cmtt (char 0x0d).  The undirected quote is ugly, so don't make it
+% the default, but it works for pasting with more pdf viewers (at least
+% evince), the lilypond developers report.  xpdf does work with the
+% regular 0x27.  
+% 
+\def\codequoteright{%
+  \expandafter\ifx\csname SETtxicodequoteundirected\endcsname\relax
+    \expandafter\ifx\csname SETcodequoteundirected\endcsname\relax