Hola Michael Stapelberg!
I have a couple of comments regarding your patch:
----------------------------
/* from wrapbf.c */
-uLong BFEncrypt(char **input, char *key, uLong sz,
- BCoptions *options);
-uLong BFDecrypt(char **input, char *key, char *key2,
- uLong sz, BCoptions *options);
+off_t BFEncrypt(int infd, int outfd, char *key, BCoptions *options);
+off_t BFDecrypt(int infd, int outfd, char *key, char *key2, BCoptions
*options);
Please respect the original author indenting style.
+ if (outfd == -1) {
+ perror("open(infile)");
+ continue;
}
This should be perror("open(outfile)");
+ } else {
+ if ((sz = BFDecrypt(infd, outfd, key, key2, &options)) == 0) {
fprintf(stderr, "Invalid encryption key for file: %s\n", infile);
exit(1);
}
+ ftruncate(outfd, sz);
+ }
What's the point of the truncate there?
----------------------------
For the complicated part, I would need more time to review it, but I think
it's a too disruptive change to make it into wheezy's release. It's
basically a complete refactor of the whole encryption/decryption functions.
Also, I'm really not sure it makes much sense to have this tool. It could
easily be replaced by a shell script that calls openssl and shred
appropriately.
--
Regards,
Marga
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
