discontinued draft for hkp servers, in lieu of any official rfc.
the post method for adding keys to the server has not been implemented.
not until i've gone through all of the implications, anyway.
hkp servers serve up pgp public keys over http. the default port is 11371,
but it can be any port, specifiable at run time. whilst this hkpd will
return valid html to browsers, it is aimed at the ''machine readable''
side, using the ''&options=mr'' option to the http get string.
this hkpd server will get hooked into the build at a later date.
+ plug some memory leaks, from cppcheck via Thomas Klausner (thanks!)
+ make the singular of time units read correctly
+ print decryption key info properly when prompting for passphrase
small steps, but lots of them - this is the first one.
+ print out the correct key information when signing files and memory.
what used to be printed out was the copy of the public key which is
stored as part of the private key(!). does not address the info shown
when decrypting, since that is done in a different way, by callback.
this whole part needs to be re-written, but will have to wait for two
good hands.
Changes to 1.99.17/20100208
+ get rid of last 2 static variables - use the __ops_printstate_t struct
passed down, and add the indent variable here too
+ get rid of 3 occurrences in reader.c where an automatic buffer was
addressed (as part of a subsequent callback) by a struct field from
a calling scope, and only valid within the callback. Found by
Flexelint and phk - many thanks.
+ print filename/"memory" when time problems occur when validating signatures
+ minor simplifications to netpgp(1) internally
+ fix a bug in netpgp_verify_file where a non-existent file while listing
packets would cause a SIGSEGV
+ add duration arg to netpgp(1), and check for validity when verifying
signatures
+ add birthtime arg to netpgp(1), and check for validity when verifying
signatures
+ add netpgp commands to print pubkey, if desired
+ allow the passphrase for the signature to be taken from --pass-fd
+ get rid of static indent value when printing packet contents
+ print signature validity times when verifying a file's signature
instead of depending on the existance of struct winsize. Technically I should
bump the library version or version the symbol, but nothing seems to use this
outside the library!
it's "an OS dependent, generated file" configured for the target NetBSD
as noted in itself. Instead, include <roken-common.h>
(which is included from generated <roken.h> and required
for TRUE and fALSE definitions) and "nbtool_config.h" on tools build.
Fixes PR toolchain/41435 and makes cross build on Cygwin-1.7 work.
No particular comments in the PR.
commands with no file arguments, as input will now be taken from stdin,
and output will go to stdout, if no file arguments are given on the
command line.
+ some ssh host keys do not have the username of the generator included
in the key itself. If there is no username in there, create one.
+ added netpgp_encrypt_memory() and netpgp_decrypt_memory()
+ overhaul netpgp(1) to work with stdin/stdout if no filenames specified:
% netpgp --encrypt < a | netpgp --decrypt > b
netpgp: default key set to "C0596823"
netpgp: default key set to "C0596823"
pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@alistaircrooks.com>
uid Alistair Crooks <alistair@hockley-crooks.com>
netpgp passphrase:
% diff a b
% ls -al a b
-rw-r--r-- 1 agc agc 15243 Dec 20 08:55 a
-rw-r--r-- 1 agc agc 15243 Dec 21 17:15 b
%
% netpgp --sign < a | netpgp --cat > b
netpgp: default key set to "C0596823"
netpgp: default key set to "C0596823"
pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@alistaircrooks.com>
uid Alistair Crooks <alistair@hockley-crooks.com>
netpgp passphrase:
Good signature for <stdin> made Mon Dec 21 18:25:02 2009
using RSA (Encrypt or Sign) key 1b68dcfcc0596823
pub 2048/RSA (Encrypt or Sign) 1b68dcfcc0596823 2004-01-12
Key fingerprint: d415 9deb 336d e4cc cdfa 00cd 1b68 dcfc c059 6823
uid Alistair Crooks <alistair@hockley-crooks.com>
uid Alistair Crooks <agc@pkgsrc.org>
uid Alistair Crooks <agc@netbsd.org>
uid Alistair Crooks <agc@alistaircrooks.com>
uid Alistair Crooks (Yahoo!) <agcrooks@yahoo-inc.com>
%
+ add explanations of memory-based operations to manual pages
Apart from infrastructure changes, there are the following functional ones:
+ Update to version 20091210
+ provide a new netpgp_match_list_keys(3) function to perform a
regular-expression based search of all the keys in the keyring. If no
pattern is specified to match, then all keys are returned.
+ provide a new netpgp_set_homedir(3) function, and use it to set the
home directory from the library, rather than individually in all the
programs which use the library
+ provide a new netpgp_incvar(3) function which will add a constant
increment (which may be negative) to the value of an internal
variable. This is primarily used for the verbosity level within the
library, and is again a movement of the function into the library from
the individual programs which use the library
+ move to the specification of an ssh key file by internal variable,
rather than the directory holding an ssh key file
+ autoconf infrastructure changes
+ take a hammer to the _GNU_SOURCE definitions problems
+ don't rely on strnlen(3) being present everywhere
specified.
+ The internal variable "sshetcdir" has been renamed to "sshkeydir"
+ When matching the text fields in the username, use an ICASE, NOSUB, EXTENDED
regular expression. This allows more advanced ways of searching, such as:
% netpgpkeys --list-keys '\.de\>'
to find all the keys in the default keyring which have an email address
in Germany. This is actually surprisingly useful.
