#
1.42 |
|
08-Mar-2014 |
agc |
Move netpgpkeys into the correct place in the reachover insfrastructure
|
#
1.41 |
|
20-Feb-2014 |
agc |
Update to version 20140220
Changes from previous version:
+ portability fixes from xtraeme for his Linux distribution: + add search for ar(1) into autoconf + define __printflike if it's not already defined + fix missing asprintf (I fixed this differently)
|
#
1.40 |
|
17-Feb-2014 |
agc |
Manual page fixes from Anthony J. Bentley, with many thanks!
Addresses PR/48395
|
#
1.39 |
|
16-Feb-2014 |
agc |
Update the autoconf-based infrastructure for another release.
The main change in this infrastructure is to get rid of the libnetpgp-based netpgpverify. This functionality is provided by the standalone netpgpverify and libnetpgpverify in pkgsrc, and verification can also be performed using "netpgp -v".
|
#
1.38 |
|
05-Nov-2010 |
agc |
branches: 1.38.6; 1.38.14; specify the libmj.la archive as a pre-req for libnetpgp.la in the correct way - tested on RHEL 6 and Mac OS X.
|
#
1.37 |
|
05-Nov-2010 |
agc |
re-run automake to pick up changes to Makefile.am files.
|
#
1.36 |
|
04-Nov-2010 |
agc |
Miscellaneous changes to bring the GNU autoconf framework into a state where a package can be build and install properly.
|
#
1.35 |
|
04-Nov-2010 |
agc |
run autoconf so we can generate a Makefile in src/libmj
|
#
1.34 |
|
04-Nov-2010 |
agc |
Update base version to 20101103
Add openssl/camellia.h to the list of header files we look for in autoconf
Re-generate configure scripts
|
#
1.33 |
|
02-Sep-2010 |
agc |
move the functions to parse the JSON from netpgpkeys(1) into libnetpgp(3)
update the version number for recent changes.
update the date for recent changes.
regenerate the autoconf files.
|
#
1.32 |
|
08-Jul-2010 |
agc |
minor changes to the ssh host key test invocations
|
#
1.31 |
|
31-May-2010 |
agc |
Update netpgp to 3.99.3
Changes since 3.99.2: + avoid possible free() of new value passed to netpgp_setvar(), with thanks to Anon Ymous. + netpgpkeys(1): print keys to stdout, not stderr - reported by Anon Ymous. + fix DSA signatures and verification + simplify and shorten the internals of packet processing by getting rid of the intermediate pseudo-abstraction layer, which detracted from understanding and had no benefit whatsoever. Rename some enums and some definitions. + add some checking to new key generation, and don't try to read in the keys after writing them - reported by Tyler Retzlaff
|
#
1.30 |
|
07-May-2010 |
agc |
regen for netpgp 3.99.2, 20100507 version
|
#
1.29 |
|
14-Apr-2010 |
agc |
Update netpgp to version 3.99.1
Changes to 3.99.1/20100413
+ bump major command versions to be compatible with shlib major + fixed a number of bugs in (RSA) key generation + modified netpgpkeys(1) to take an optional argument to --generate-key if the argument is provided, it is used as the equivalent of the gecos field for the newly-generated key.
|
#
1.28 |
|
15-Mar-2010 |
agc |
Changes to 2.99.2/20100315
+ make subkey sigs available by hkp as well as on the command line + use the sketchily-defined vindex option to the hkp protocol to return the subkey signature information + add a netpgp_unsetvar() function as a corollary to netpgp_setvar() + use a variable name of ''subkey sigs'' to denote that subkey signatures should be returned with the pubkey uids
|
#
1.27 |
|
13-Mar-2010 |
agc |
Changes to 2.99.1/20100313
+ add functionality to parse basic signature subkeys + in doing so, add expiration of keys + at the same time, add revocation of keys + recognise the primary user id, and use it when displaying user ids + recognise self signed keys and subkeys + rework the indentation of output + add the --list-sigs [userid] option to netpgpkeys(1) + use memcmp(3) rather than strcmp(3) when checking binary user ids to be exported + add expiration display to subkey signature output + update libnetpgp library version major number to 3
|
#
1.26 |
|
08-Mar-2010 |
agc |
Changes to 1.99.22/20100307 + add key expiry information to public key information display
|
#
1.25 |
|
05-Mar-2010 |
agc |
Changes to 1.99.21/20100305
+ clean up some lint + the obligatory ''build on mac os x fixes'' - <inttypes.h> header file
|
#
1.24 |
|
05-Mar-2010 |
agc |
Update netpgp to version 1.99.20/20100304 - portability improvements, and bug fixes:
Changes to 1.99.20/20100304
+ move args to some functions around to be consistent + use uint*_t where appropriate + fix bug in verify memory + add documentation to manual pages to show how to do combined signing/encryption and decryption/verification + make verification of ascii-armoured memory work the same as binary + eliminate use of strdup(3), strcasecmp(3), and strptime(3). NetBSD/pkgsrc PR 42922 applies - need to define _XOPEN_SOURCE and _BSD_SOURCE for newer linux platforms with glibc 2.10.1. solved a bit differently, by implementing strdup(3) and strcasecmp(3) independently, and using regexps to avoid calling strptime(3).
|
#
1.23 |
|
07-Feb-2010 |
agc |
Update netpgp to version 1.99.17/20100208
Changes to 1.99.17/20100208
+ get rid of last 2 static variables - use the __ops_printstate_t struct passed down, and add the indent variable here too + get rid of 3 occurrences in reader.c where an automatic buffer was addressed (as part of a subsequent callback) by a struct field from a calling scope, and only valid within the callback. Found by Flexelint and phk - many thanks. + print filename/"memory" when time problems occur when validating signatures
|
#
1.22 |
|
05-Feb-2010 |
agc |
Changes to 1.99.16/20100205
+ minor simplifications to netpgp(1) internally + fix a bug in netpgp_verify_file where a non-existent file while listing packets would cause a SIGSEGV + add duration arg to netpgp(1), and check for validity when verifying signatures + add birthtime arg to netpgp(1), and check for validity when verifying signatures + add netpgp commands to print pubkey, if desired + allow the passphrase for the signature to be taken from --pass-fd + get rid of static indent value when printing packet contents + print signature validity times when verifying a file's signature
|
#
1.21 |
|
21-Dec-2009 |
agc |
Netpgp changes to 1.99.15/20091221
+ some ssh host keys do not have the username of the generator included in the key itself. If there is no username in there, create one. + added netpgp_encrypt_memory() and netpgp_decrypt_memory() + overhaul netpgp(1) to work with stdin/stdout if no filenames specified:
% netpgp --encrypt < a | netpgp --decrypt > b netpgp: default key set to "C0596823" netpgp: default key set to "C0596823" pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 uid Alistair Crooks <agc@netbsd.org> uid Alistair Crooks <agc@pkgsrc.org> uid Alistair Crooks <agc@alistaircrooks.com> uid Alistair Crooks <alistair@hockley-crooks.com> netpgp passphrase: % diff a b % ls -al a b -rw-r--r-- 1 agc agc 15243 Dec 20 08:55 a -rw-r--r-- 1 agc agc 15243 Dec 21 17:15 b %
% netpgp --sign < a | netpgp --cat > b netpgp: default key set to "C0596823" netpgp: default key set to "C0596823" pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 uid Alistair Crooks <agc@netbsd.org> uid Alistair Crooks <agc@pkgsrc.org> uid Alistair Crooks <agc@alistaircrooks.com> uid Alistair Crooks <alistair@hockley-crooks.com> netpgp passphrase: Good signature for <stdin> made Mon Dec 21 18:25:02 2009 using RSA (Encrypt or Sign) key 1b68dcfcc0596823 pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12 Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823 uid Alistair Crooks <alistair@hockley-crooks.com> uid Alistair Crooks <agc@pkgsrc.org> uid Alistair Crooks <agc@netbsd.org> uid Alistair Crooks <agc@alistaircrooks.com> uid Alistair Crooks (Yahoo!) <agcrooks@yahoo-inc.com> %
+ add explanations of memory-based operations to manual pages
|
#
1.20 |
|
14-Dec-2009 |
agc |
Prepare for a new netpgp-20091210 portable release.
Apart from infrastructure changes, there are the following functional ones:
+ Update to version 20091210
+ provide a new netpgp_match_list_keys(3) function to perform a regular-expression based search of all the keys in the keyring. If no pattern is specified to match, then all keys are returned.
+ provide a new netpgp_set_homedir(3) function, and use it to set the home directory from the library, rather than individually in all the programs which use the library
+ provide a new netpgp_incvar(3) function which will add a constant increment (which may be negative) to the value of an internal variable. This is primarily used for the verbosity level within the library, and is again a movement of the function into the library from the individual programs which use the library
+ move to the specification of an ssh key file by internal variable, rather than the directory holding an ssh key file
+ autoconf infrastructure changes
+ take a hammer to the _GNU_SOURCE definitions problems
+ don't rely on strnlen(3) being present everywhere
|
#
1.19 |
|
11-Jun-2009 |
agc |
Update to version 1.99.12
CHANGES 1.99.11 -> 1.99.12
+ only prompt for the passphrase for the secret key if the secret key is protected by a passphrase + portability fix for Mac OS X
|
#
1.18 |
|
09-Jun-2009 |
agc |
CHANGES 1.99.9 -> 1.99.10
+ fix a bug in decryption whereby a bad passphrase would cause a segmentation violation + fix some regressions in key searching in the underlying find keys routines + add C++ declaration protection to the external interface in netpgp.h + split out the key management parts of netpgp(1) into netpgpkeys(1)
|
#
1.17 |
|
08-Jun-2009 |
agc |
CHANGES 1.99.8 -> 1.99.9
+ make more use of __ops_io_t structure + addition of standalone, stripped-down netpgpverify utility + addition of test for --list-packets on an empty file + bring forward some simplifications from netpgpverify + some name changes + get rid of the increment and then decrement keycount around accumulated data ("it's to do with counting") + then use unsigned integers for the size and counts for the dynamic array of keys, and use the common dynamic array macros for keys in a keyring + if it's a union, let's use it as a union, not a struct + modified documentation to correct the --list-packets command (sorry, ver) + add a new directory structure for both the distribution and the reachover Makefiles. The autotest framework has been partially overhauled but more TLC is needed here. + add a --pass-fd=n option so that external programs can provide the passphrase on a file descriptor without going through the callback, requested by joerg
|
#
1.16 |
|
27-May-2009 |
lukem |
regenerate
|
#
1.15 |
|
26-May-2009 |
agc |
CHANGES 1.99.4 -> 1.99.5
+ Luke Mewburn completely overhauled the auto tools infrastructure + changed signature (hah!) of some netpgp file management prototypes to use const char * for file names and user ids, not char * - suggested by christos + change some of the openpgpsdk display functions to return integer values, and send those values back from the netpgp functions - suggested by christos + rather than passing a shedload of variables to netpgp_init(), get rid of them, and set variables using the netpgp_[gs]etvar() interface + replace some magic constants with descriptive names + use a netpgp variable to skip userid checks if necessary + add ability to allow coredumps via --coredumps if (a) you have taken leave of your sanity, and (b) you have some magical persistent storage which doesn't spare sectors, and (c) you know how to remove a file securely + bumped library version on NetBSD to 1.0 for interface changes
|
#
1.14 |
|
25-May-2009 |
lukem |
regenerate
|
#
1.13 |
|
25-May-2009 |
lukem |
regen from configure.ac 1.13
|
#
1.12 |
|
25-May-2009 |
lukem |
Overhaul build infrastructure: - use automake to generate the Makefile.in - style reorg in configure.ac - ensure <openssl/sha.h> provides SHA256_CTX (openssl 0.9.8 or greater) - move the "build helpers" to buildaux - add a rudimentary (and not yet functional) test suite
(There's still more to do.)
Per chat with Alistair.
|
#
1.11 |
|
25-May-2009 |
agc |
CHANGES 1.99.3 -> 1.99.4
+ get rid of some magic constants + revamped regression test script to count number of tests passed + made checkhash array in ops_seckey_t dynamic, rather than statically allocated + made mdc array dynamic, and added a length field to mdc for future use + revamped usage message to match reality + made portable version again for the autoconfed package sources + add separate netpgpdigest.h file so that separate digest sizes can be used without having to include "packet.h" in everything
|
#
1.10 |
|
21-May-2009 |
agc |
CHANGES 1.99.2 -> 1.99.3
+ modified regression tests to make it easier to see status messages + modified --encrypt, --decrypt, --sign, and --clearsign as well as --cat to respect the --output argument for the output file. Default behaviour remains unchanged - if --output is not specified, standard file names and suffixes apply. Note that --verify has not been changed - this is for compatibility with gpg, POLA/POLS, and because --verify-cat/--cat provides this behaviour
|
#
1.9 |
|
20-May-2009 |
agc |
CHANGES 1.99.1 -> 1.99.2
+ various minor cleanups + fix longstanding pasto where the key server preference packets are displayed with the correct ptag information + up until now, there has been an asymmetry in the command line options for netpgp(1) - whilst a file may have signature information added to it with the "--sign" command, there has been no way to retrieve the contents of the file without the signature. The new "--cat" option does this (there are synonyms of "--verify-show" and "--verify-cat") - the signature is verified, and if it matches, the original contents of the file are sent to the output file (which defaults to stdout, and can be set with the --output option on the command line). If the signature does not match, there is no output, and an EXIT_FAILURE code is returned. + revamped netpgp(1) to make it clear what commands are available, how these commands relate to each other, and which commands take custom options
|
#
1.8 |
|
18-May-2009 |
agc |
CHANGES 1.0.0 -> 1.99.1
+ released and tagged version 1.0.0; development version now 1.99.1 + get rid of some fields which are no longer needed + minor name changes + add mmapped field to ops_data_t struct to denote that the array needs an munmap(2) and not a free(3) + add an __ops_mem_readfile() function, and use it for reading files. The function does mmap(2), and then falls back to read(2) if that fails. Retire unused __ops_fileread() which had an unusual interface + drop sign_detached() from netpgp.c down into signature.c as __ops_sign_detached()
|
#
1.7 |
|
17-May-2009 |
agc |
+ some more name changes + we've had the ability to sign files with a detached signature for a while now. We can now verify the files using the detached signature file. + in honour of this, update version numbers - 1.0.0/20090517
|
#
1.6 |
|
16-May-2009 |
agc |
+ don't use arrays of length 1 to hold single instances of characters, unsigned or not - just use a single character itself + misc cleanup + rename cinfo to "output" and ops_createinfo_t to "ops_output_t" to be a bit more descriptive + shorten some long names + get rid of test for libgen.h - it's not needed anymore + bump to version 0.99.4, and 20090515 sources, regenerate configure and co + numerous name changes to be more consistent and more concise + add verbosity level to the variables that can be set and retrieved by netpgp_setvar() and netpgp_getvar() + added --verbose option to netpgp(1) + add __RCSID() to all files
|
#
1.5 |
|
13-May-2009 |
agc |
+ got rid of "local" header files. These aren't necessary since the openpgpsdk code was modified to all be in the same directory + added netpgp_getvar() and netpgp_setvar(), and use them to get and set the user id and hash algorithm preference + get rid of <stdbool.h> usage - I'm still not sure this is the way we should be going long term, but the bool changes got integrated with the others, and are there in cvs history if we want to resurrect them. Correct autoconf accordingly. Bump netpgp minimus version, and autoconf-based date version. + updated documentation to reflect these changes
|
#
1.4 |
|
08-May-2009 |
agc |
branches: 1.4.2; + add a --help option + if setrlimit exists, set the core dump size to be 0 (with thanks to mrg for the reference implementation) + get rid of __ops_start_cleartext_sig/__ops_start_msg_sig abstractions and just "export" the __ops_start_sig function - the function is not actually exported, just usable by other __ops functions + bump internal version number to 0.99.2, autoconf version to 20090506 + prettify usage message output
|
#
1.3 |
|
05-May-2009 |
agc |
Don't bother searching for assert.h, it's not needed any more
|
#
1.2 |
|
24-Apr-2009 |
agc |
WARNS=4 changes
|
#
1.1 |
|
23-Apr-2009 |
agc |
branches: 1.1.1; Initial revision
|
#
1.1.1.1 |
|
23-Apr-2009 |
agc |
Import netpgp source into crypto/external - this is a heavily-modified version of openpgpsdk, and will replace it. Differences between netpgp and the NetBSD repository version of openpgpsdk are:
+ Wrap source code in GNU autoconf/configure + New high-level interface for libnetpgp(3) and netpgp(1) + Hide prolifery of local headers in the internal lib directory - there is now one exported header called netpgp.h + Hide all ops_* functions and structs behind __ops_* names + Fix long-standing bug - make decryption work with files > 8192 bytes (fix for signature verification of signed files > 8192 bytes was already brought forward from the NetBSD repository of openpgpsdk) + Use mmap(2) to read files, falls back to read(2) if can't do mmap + Compile portable package using libtool + Rationalise the number of source files - merge a number of smaller ones + Case-insensitive matching of key ids + Use PRIsize throughout + Use calloc(3) throughout to zero memory + Get rid of global symbols which abused a macro + Use more descriptive names - remove "_arg_" components, name things for their purpose, rather than what they are (their type) + No more --passphrase= argument to netpgp(1) - this is now always done through callbacks + Report source code date and build date in version number, as well as the version number itself
This will form the basis of the portable netpgp package.
|
#
1.4.2.2 |
|
13-May-2009 |
jym |
Sync with HEAD.
Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
|
#
1.4.2.1 |
|
08-May-2009 |
jym |
file configure was added on branch jym-xensuspend on 2009-05-13 19:16:01 +0000
|
#
1.38.14.1 |
|
19-Aug-2014 |
tls |
Rebase to HEAD as of a few days ago.
|
#
1.38.6.1 |
|
22-May-2014 |
yamt |
sync with head.
for a reference, the tree before this commit was tagged as yamt-pagecache-tag8.
this commit was splitted into small chunks to avoid a limitation of cvs. ("Protocol error: too many arguments")
|