+ various minor cleanups
+ fix longstanding pasto where the key server preference packets are
displayed with the correct ptag information
+ up until now, there has been an asymmetry in the command line
options for netpgp(1) - whilst a file may have signature information
added to it with the "--sign" command, there has been no way to
retrieve the contents of the file without the signature. The new
"--cat" option does this (there are synonyms of "--verify-show" and
"--verify-cat") - the signature is verified, and if it matches, the
original contents of the file are sent to the output file (which
defaults to stdout, and can be set with the --output option on the
command line). If the signature does not match, there is no output,
and an EXIT_FAILURE code is returned.
+ revamped netpgp(1) to make it clear what commands are available, how
these commands relate to each other, and which commands take custom
options
+ released and tagged version 1.0.0; development version now 1.99.1
+ get rid of some fields which are no longer needed
+ minor name changes
+ add mmapped field to ops_data_t struct to denote that the array needs an
munmap(2) and not a free(3)
+ add an __ops_mem_readfile() function, and use it for reading files.
The function does mmap(2), and then falls back to read(2) if that fails.
Retire unused __ops_fileread() which had an unusual interface
+ drop sign_detached() from netpgp.c down into signature.c as
__ops_sign_detached()
+ we've had the ability to sign files with a detached signature for
a while now. We can now verify the files using the detached signature
file.
+ in honour of this, update version numbers - 1.0.0/20090517
unsigned or not - just use a single character itself
+ misc cleanup
+ rename cinfo to "output" and ops_createinfo_t to "ops_output_t" to
be a bit more descriptive
+ shorten some long names
+ get rid of test for libgen.h - it's not needed anymore
+ bump to version 0.99.4, and 20090515 sources, regenerate configure and co
+ numerous name changes to be more consistent and more concise
+ add verbosity level to the variables that can be set and retrieved by
netpgp_setvar() and netpgp_getvar()
+ added --verbose option to netpgp(1)
+ add __RCSID() to all files
code was modified to all be in the same directory
+ added netpgp_getvar() and netpgp_setvar(), and use them to get and set the
user id and hash algorithm preference
+ get rid of <stdbool.h> usage - I'm still not sure this is the way we should
be going long term, but the bool changes got integrated with the others,
and are there in cvs history if we want to resurrect them. Correct autoconf
accordingly. Bump netpgp minimus version, and autoconf-based date version.
+ updated documentation to reflect these changes
+ minor name changes
+ remove duplicated code (commented out) in packet-print.c
+ original code contained abstraction violations for hash size - fix them
+ get rid of some magic constants related to length of hash arrays
+ allow a choice of hash algorithms for the signature digest (rather
than hardcoding SHA1 - it is looking as though collisions are easier
to manufacture based on recent findings)
+ move default signature RSA hash algorithm to SHA256 (from SHA1). This is
passed as a string parameter from the high-level interface. We'll
revisit this later after a good way to specify the algorithm has been
found.
+ display the size of the keys in --list-packets
+ display the keydata prior to file decryption
+ if setrlimit exists, set the core dump size to be 0
(with thanks to mrg for the reference implementation)
+ get rid of __ops_start_cleartext_sig/__ops_start_msg_sig abstractions
and just "export" the __ops_start_sig function - the function is not
actually exported, just usable by other __ops functions
+ bump internal version number to 0.99.2, autoconf version to 20090506
+ prettify usage message output
+ __ops_parser_content_t -> __ops_packet_t
+ rename some other long names
51 chars is the record function name length so far
+ preliminary moves to support detached signatures
as yet, incomplete
+ add back command line option to list packets in a signed or encrypted file
+ make __ops_parse() take an argument whether to print errors, and kill the
__ops_parse_and_print_errors() function
+ get rid of some assertions in the code - this is a library - about 100 to go
version of openpgpsdk, and will replace it. Differences between netpgp
and the NetBSD repository version of openpgpsdk are:
+ Wrap source code in GNU autoconf/configure
+ New high-level interface for libnetpgp(3) and netpgp(1)
+ Hide prolifery of local headers in the internal lib directory -
there is now one exported header called netpgp.h
+ Hide all ops_* functions and structs behind __ops_* names
+ Fix long-standing bug - make decryption work with files > 8192 bytes
(fix for signature verification of signed files > 8192 bytes was already
brought forward from the NetBSD repository of openpgpsdk)
+ Use mmap(2) to read files, falls back to read(2) if can't do mmap
+ Compile portable package using libtool
+ Rationalise the number of source files - merge a number of smaller ones
+ Case-insensitive matching of key ids
+ Use PRIsize throughout
+ Use calloc(3) throughout to zero memory
+ Get rid of global symbols which abused a macro
+ Use more descriptive names - remove "_arg_" components, name things for their
purpose, rather than what they are (their type)
+ No more --passphrase= argument to netpgp(1) - this is now always
done through callbacks
+ Report source code date and build date in version number, as well as the
version number itself
This will form the basis of the portable netpgp package.
