The original code had dynamic arrays indexed by unsigned indices,
except for the array of keys, which was indexed by a signed integer,
and initialised to -1. Subsequently, when a new id was created, the
index was pre-incremented, and later on, in a different call, the
userid (a different packet) was assigned to the current index. This
has implications for growing the array, for signed comparison checks,
and just general cleanliness.
This change overhauls the construct: don't special case anything,
just address the array from 0, use unsigned indices same as everything
else, and complain if we get a user id for which we haven't received a
public or secret key.
+ fix a bug in decryption whereby a bad passphrase would cause a segmentation
violation
+ fix some regressions in key searching in the underlying find keys routines
+ add C++ declaration protection to the external interface in netpgp.h
+ split out the key management parts of netpgp(1) into netpgpkeys(1)
+ make more use of __ops_io_t structure
+ addition of standalone, stripped-down netpgpverify utility
+ addition of test for --list-packets on an empty file
+ bring forward some simplifications from netpgpverify
+ some name changes
+ get rid of the increment and then decrement keycount around
accumulated data ("it's to do with counting")
+ then use unsigned integers for the size and counts for the
dynamic array of keys, and use the common dynamic array macros
for keys in a keyring
+ if it's a union, let's use it as a union, not a struct
+ modified documentation to correct the --list-packets command (sorry, ver)
+ add a new directory structure for both the distribution and the
reachover Makefiles. The autotest framework has been partially overhauled
but more TLC is needed here.
+ add a --pass-fd=n option so that external programs can provide the
passphrase on a file descriptor without going through the callback,
requested by joerg
+ get rid of __ops_malloc_passphrase() - strdup() works just as well
+ generalise __ops_seckey_forget() to become __ops_forget(), give it a size
parameter, and make it work on things other than secret keys (passphrases
for instance)
+ minor struct field enum renaming
+ minor function call renaming
+ add ops_io_t struct to hold pointers to IO streams, and pass it down
where necessary
+ added to the regression tests
+ get rid of some magic constants, replace with more obvious names
+ zero out the memory used for a passphrase before freeing it in one place
+ made --homedir=d consistent with POLS. Default is $HOME/.gnupg, and
if a directory is specified with --homedir=d, the directory containing
conf file and keyrings is taken to be "d".
+ Luke Mewburn completely overhauled the auto tools infrastructure
+ changed signature (hah!) of some netpgp file management prototypes to
use const char * for file names and user ids, not char * - suggested by
christos
+ change some of the openpgpsdk display functions to return integer values,
and send those values back from the netpgp functions - suggested by
christos
+ rather than passing a shedload of variables to netpgp_init(), get rid
of them, and set variables using the netpgp_[gs]etvar() interface
+ replace some magic constants with descriptive names
+ use a netpgp variable to skip userid checks if necessary
+ add ability to allow coredumps via --coredumps if (a) you have taken
leave of your sanity, and (b) you have some magical persistent
storage which doesn't spare sectors, and (c) you know how to remove
a file securely
+ bumped library version on NetBSD to 1.0 for interface changes
- use automake to generate the Makefile.in
- style reorg in configure.ac
- ensure <openssl/sha.h> provides SHA256_CTX (openssl 0.9.8 or greater)
- move the "build helpers" to buildaux
- add a rudimentary (and not yet functional) test suite
(There's still more to do.)
Per chat with Alistair.
