X-Debbugs-CC: [email protected]
Control: tags -1 +patch +pending

Dear maintainer,
I've prepared an NMU for git-crypt (versioned as 0.7.0-0.1) and
uploaded it to DELAYED/5. Please feel free to tell me if I
should delay it longer.
Regards.
diff -Nru git-crypt-0.6.0/commands.cpp git-crypt-0.7.0/commands.cpp
--- git-crypt-0.6.0/commands.cpp 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/commands.cpp 2022-04-21 13:08:16.000000000 -0400
@@ -51,6 +51,12 @@
#include <exception>
#include <vector>
+enum {
+ // # of arguments per git checkout call; must be large enough to be
efficient but small
+ // enough to avoid operating system limits on argument length
+ GIT_CHECKOUT_BATCH_SIZE = 100
+};
+
static std::string attribute_name (const char* key_name)
{
if (key_name) {
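Review bot: the comment on GIT_CHECKOUT_BATCH_SIZE says the batch is kept small to stay under operating-system limits on argument length, but the constant bounds the number of paths, not their total length, so a batch of 100 unusually long paths can still hit the limit this change is meant to avoid. Either say in the comment that 100 is a heuristic chosen for typical path lengths, or size batches by accumulated argument bytes (stop adding paths once the batch reaches a fixed byte budget) so that the comment and the code make the same promise.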
@@ -183,15 +189,19 @@
}
}
-static bool git_checkout (const std::vector<std::string>& paths)
+static bool git_checkout_batch (std::vector<std::string>::const_iterator
paths_begin, std::vector<std::string>::const_iterator paths_end)
{
+ if (paths_begin == paths_end) {
+ return true;
+ }
+
std::vector<std::string> command;
command.push_back("git");
command.push_back("checkout");
command.push_back("--");
- for (std::vector<std::string>::const_iterator path(paths.begin());
path != paths.end(); ++path) {
+ for (auto path(paths_begin); path != paths_end; ++path) {
command.push_back(*path);
}
@@ -202,6 +212,18 @@
return true;
}
+static bool git_checkout (const std::vector<std::string>& paths)
+{
+ auto paths_begin(paths.begin());
+ while (paths.end() - paths_begin >= GIT_CHECKOUT_BATCH_SIZE) {
+ if (!git_checkout_batch(paths_begin, paths_begin +
GIT_CHECKOUT_BATCH_SIZE)) {
+ return false;
+ }
+ paths_begin += GIT_CHECKOUT_BATCH_SIZE;
+ }
+ return git_checkout_batch(paths_begin, paths.end());
+}
+
static bool same_key_name (const char* a, const char* b)
{
return (!a && !b) || (a && b && std::strcmp(a, b) == 0);
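Review bot: git_checkout now returns false as soon as one batch fails, after every earlier batch has already been checked out, so a failure can leave the working tree partially updated, something the original single-call version could not do. Worth a comment on the function so callers know to account for that, e.g. `// On failure, paths in earlier batches may already have been checked out.`, and worth a look at the callers' error messages, which were written for the all-or-nothing behaviour.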
@@ -1171,7 +1193,7 @@
}
if (!git_checkout(encrypted_files)) {
std::clog << "Error: 'git checkout' failed" << std::endl;
- std::clog << "git-crypt has been locked but up but existing
decrypted files have not been encrypted" << std::endl;
+ std::clog << "git-crypt has been locked up but existing
decrypted files have not been encrypted" << std::endl;
return 1;
}
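Review bot: the corrected message still reads awkwardly and is now slightly inaccurate: "locked up" normally means jammed, and with batched checkouts "existing decrypted files have not been encrypted" is only partly true when the first batches succeeded and a later one failed. Something like `std::clog << "git-crypt has been locked, but some existing decrypted files may not have been re-encrypted" << std::endl;` describes the state the user is actually in.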
diff -Nru git-crypt-0.6.0/CONTRIBUTING.md git-crypt-0.7.0/CONTRIBUTING.md
--- git-crypt-0.6.0/CONTRIBUTING.md 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/CONTRIBUTING.md 2022-04-21 13:08:16.000000000 -0400
@@ -4,8 +4,7 @@
When contributing code, please consider the following guidelines:
- * You are encouraged to open an issue on GitHub or send mail to
- [email protected] to discuss any non-trivial
+ * You are encouraged to open an issue on GitHub to discuss any non-trivial
changes before you start coding.
* Please mimic the existing code style as much as possible. In
@@ -15,8 +14,7 @@
* To minimize merge commits, please rebase your changes before opening
a pull request.
- * To submit your patch, open a pull request on GitHub or send a
- properly-formatted patch to [email protected].
+ * To submit your patch, open a pull request on GitHub.
Finally, be aware that since git-crypt is security-sensitive software,
the bar for contributions is higher than average. Please don't be
diff -Nru git-crypt-0.6.0/debian/changelog git-crypt-0.7.0/debian/changelog
--- git-crypt-0.6.0/debian/changelog 2017-11-26 13:35:28.000000000 -0500
+++ git-crypt-0.7.0/debian/changelog 2022-05-14 11:20:28.000000000 -0400
@@ -1,3 +1,14 @@
+git-crypt (0.7.0-0.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * New upstream release.
+ * Cherry-pick Ubuntu patch to fix compatibility with OpenSSL 3.0.
+ (Closes: #996287)
+ * debian/control: Drop obsolete build-dependency libssl1.0-dev.
+ (Closes: #917346)
+
+ -- Boyuan Yang <[email protected]> Sat, 14 May 2022 11:20:28 -0400
+
git-crypt (0.6.0-1) unstable; urgency=medium
* New upstream release.
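Review bot: urgency=high is set without the reason being stated; Debian convention is to say why in the entry itself, and the OpenSSL 3.0 compatibility fix for #996287 looks like the justification. It would also help the maintainer if the entry mentioned what the upstream bump brings beyond the two closed bugs (per NEWS: batching of `git checkout` calls to avoid "argument list too long", the fix for bare "-" arguments, and removal of the mailing-list references), since an NMU that jumps an upstream release is more than a one-line fix.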
diff -Nru git-crypt-0.6.0/debian/control git-crypt-0.7.0/debian/control
--- git-crypt-0.6.0/debian/control 2017-11-26 13:32:28.000000000 -0500
+++ git-crypt-0.7.0/debian/control 2022-05-14 11:20:28.000000000 -0400
@@ -3,7 +3,7 @@
Section: vcs
Priority: optional
Standards-Version: 3.9.8
-Build-Depends: debhelper (>= 9), libssl-dev | libssl1.0-dev, xsltproc,
docbook-xml, docbook-xsl
+Build-Depends: debhelper (>= 9), libssl-dev, xsltproc, docbook-xml, docbook-
xsl
Vcs-Git: https://www.agwa.name/git/git-crypt.git -b debian
Homepage: https://www.agwa.name/projects/git-crypt
diff -Nru git-crypt-0.6.0/debian/patches/openssl-compat.patch git-crypt-
0.7.0/debian/patches/openssl-compat.patch
--- git-crypt-0.6.0/debian/patches/openssl-compat.patch 1969-12-31
19:00:00.000000000 -0500
+++ git-crypt-0.7.0/debian/patches/openssl-compat.patch 2022-05-14
11:18:22.000000000 -0400
@@ -0,0 +1,27 @@
+Subject: Use OpenSSL version numbers to pick the compat layer
+Author: Simon Chopin <[email protected]>
+
+OPENSSL_API_COMPAT doesn't ensure we have the necessary API exposed. Using
+OPENSSL_VERSION_NUMBER makes things a bit easier with new versions of
OpenSSL.
+--- a/crypto-openssl-11.cpp
++++ b/crypto-openssl-11.cpp
+@@ -30,7 +30,7 @@
+
+ #include <openssl/opensslconf.h>
+
+-#if defined(OPENSSL_API_COMPAT)
++#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+
+ #include "crypto.hpp"
+ #include "key.hpp"
+--- a/crypto-openssl-10.cpp
++++ b/crypto-openssl-10.cpp
+@@ -30,7 +30,7 @@
+
+ #include <openssl/opensslconf.h>
+
+-#if !defined(OPENSSL_API_COMPAT)
++#if OPENSSL_VERSION_NUMBER < 0x10100000L
+
+ #include "crypto.hpp"
+ #include "key.hpp"
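Review bot: the patch header carries Subject and Author but none of the DEP-3 fields that record where it came from and whether upstream has it; since the changelog says it was cherry-picked from Ubuntu, add `Origin:` pointing at that Ubuntu upload, `Bug-Debian: https://bugs.debian.org/996287`, and a `Forwarded:` line. On the code side, both files test OPENSSL_VERSION_NUMBER immediately after including only <openssl/opensslconf.h>, but that macro is defined in <openssl/opensslv.h>; if a given OpenSSL's opensslconf.h does not pull that header in, the undefined macro evaluates to 0 inside `#if`, which silently selects the 1.0 file and deselects the 1.1 file (and trips -Wundef). Including <openssl/opensslv.h> explicitly before the `#if` in both files removes that dependency on header internals.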
diff -Nru git-crypt-0.6.0/debian/patches/series git-crypt-
0.7.0/debian/patches/series
--- git-crypt-0.6.0/debian/patches/series 1969-12-31 19:00:00.000000000
-0500
+++ git-crypt-0.7.0/debian/patches/series 2022-05-14 11:17:57.000000000
-0400
@@ -0,0 +1 @@
+openssl-compat.patch
diff -Nru git-crypt-0.6.0/debian/upstream/metadata git-crypt-
0.7.0/debian/upstream/metadata
--- git-crypt-0.6.0/debian/upstream/metadata 1969-12-31 19:00:00.000000000
-0500
+++ git-crypt-0.7.0/debian/upstream/metadata 2022-05-14 11:14:41.000000000
-0400
@@ -0,0 +1,2 @@
+---
+Repository-Browse: https://github.com/AGWA/git-crypt
diff -Nru git-crypt-0.6.0/git-crypt.hpp git-crypt-0.7.0/git-crypt.hpp
--- git-crypt-0.6.0/git-crypt.hpp 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/git-crypt.hpp 2022-04-21 13:08:16.000000000 -0400
@@ -31,7 +31,7 @@
#ifndef GIT_CRYPT_GIT_CRYPT_HPP
#define GIT_CRYPT_GIT_CRYPT_HPP
-#define VERSION "0.6.0"
+#define VERSION "0.7.0"
extern const char* argv0; // initialized in main() to argv[0]
diff -Nru git-crypt-0.6.0/man/git-crypt.xml git-crypt-0.7.0/man/git-crypt.xml
--- git-crypt-0.6.0/man/git-crypt.xml 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/man/git-crypt.xml 2022-04-21 13:08:16.000000000 -0400
@@ -7,8 +7,8 @@
-->
<refentryinfo>
<title>git-crypt</title>
- <date>2017-11-26</date>
- <productname>git-crypt 0.6.0</productname>
+ <date>2022-04-21</date>
+ <productname>git-crypt 0.7.0</productname>
<author>
<othername>Andrew Ayer</othername>
diff -Nru git-crypt-0.6.0/NEWS git-crypt-0.7.0/NEWS
--- git-crypt-0.6.0/NEWS 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/NEWS 2022-04-21 13:08:16.000000000 -0400
@@ -1,3 +1,8 @@
+v0.7.0 (2022-04-21)
+ * Avoid "argument list too long" errors on macOS.
+ * Fix handling of "-" arguments.
+ * Minor documentation improvements.
+
v0.6.0 (2017-11-26)
* Add support for OpenSSL 1.1 (still works with OpenSSL 1.0).
* Switch to C++11 (gcc 4.9 or higher now required to build).
diff -Nru git-crypt-0.6.0/NEWS.md git-crypt-0.7.0/NEWS.md
--- git-crypt-0.6.0/NEWS.md 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/NEWS.md 2022-04-21 13:08:16.000000000 -0400
@@ -1,6 +1,11 @@
News
====
+######v0.7.0 (2022-04-21)
+* Avoid "argument list too long" errors on macOS.
+* Fix handling of "-" arguments.
+* Minor documentation improvements.
+
######v0.6.0 (2017-11-26)
* Add support for OpenSSL 1.1 (still works with OpenSSL 1.0).
* Switch to C++11 (gcc 4.9 or higher now required to build).
diff -Nru git-crypt-0.6.0/parse_options.cpp git-crypt-0.7.0/parse_options.cpp
--- git-crypt-0.6.0/parse_options.cpp 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/parse_options.cpp 2022-04-21 13:08:16.000000000 -0400
@@ -43,7 +43,7 @@
{
int argi = 0;
- while (argi < argc && argv[argi][0] == '-') {
+ while (argi < argc && argv[argi][0] == '-' && argv[argi][1] != '\0')
{
if (std::strcmp(argv[argi], "--") == 0) {
++argi;
break;
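Review bot: the added `&& argv[argi][1] != '\0'` is only evaluated after `argv[argi][0] == '-'` has held, so the index-1 read is safe, but the intent (a lone "-" is an operand, conventionally standing for stdin, and should stop option parsing instead of being treated as an option) is not obvious from the condition and matches the NEWS entry "Fix handling of '-' arguments" only if you know the convention. A one-line comment above the loop would help, e.g. `// A bare "-" is not an option; leave it for the caller as a positional argument.`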
diff -Nru git-crypt-0.6.0/README git-crypt-0.7.0/README
--- git-crypt-0.6.0/README 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/README 2022-04-21 13:08:16.000000000 -0400
@@ -30,6 +30,7 @@
secretfile filter=git-crypt diff=git-crypt
*.key filter=git-crypt diff=git-crypt
+ secretdir/** filter=git-crypt diff=git-crypt
Like a .gitignore file, it can match wildcards and should be checked into
the repository. See below for more information about .gitattributes.
@@ -54,7 +55,7 @@
$ git-crypt export-key /path/to/key
-After cloning a repository with encrypted files, unlock with with GPG:
+After cloning a repository with encrypted files, unlock with GPG:
$ git-crypt unlock
@@ -69,7 +70,7 @@
CURRENT STATUS
-The latest version of git-crypt is 0.6.0, released on 2017-11-26.
+The latest version of git-crypt is 0.7.0, released on 2022-04-21.
git-crypt aims to be bug-free and reliable, meaning it shouldn't
crash, malfunction, or expose your confidential data. However,
it has not yet reached maturity, meaning it is not as documented,
@@ -108,6 +109,16 @@
of a file, or the fact that two files are identical (see "Security"
section above).
+git-crypt does not support revoking access to an encrypted repository
+which was previously granted. This applies to both multi-user GPG
+mode (there's no del-gpg-user command to complement add-gpg-user)
+and also symmetric key mode (there's no support for rotating the key).
+This is because it is an inherently complex problem in the context
+of historical data. For example, even if a key was rotated at one
+point in history, a user having the previous key can still access
+previous repository history. This problem is discussed in more detail in
+<https://github.com/AGWA/git-crypt/issues/47>.
+
Files encrypted with git-crypt are not compressible. Even the smallest
change to an encrypted file requires git to store the entire changed file,
instead of just a delta.
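Review bot: a useful and security-relevant addition, but "This applies to both multi-user GPG mode ... and also symmetric key mode" doubles up "both" and "also"; drop "also". It would also help readers if the paragraph spelled out the practical consequence of what it describes: once a key has been shared, everything encrypted under it anywhere in the history should be treated as readable by that holder, and switching to a new key only protects commits made after the switch. The same paragraph is duplicated in README.md and should get the same wording fix.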
@@ -138,20 +149,12 @@
encrypt all files beneath it.
Also note that the pattern `dir/*` does not match files under
-sub-directories of dir/. To encrypt an entire sub-tree dir/, place the
-following in dir/.gitattributes:
-
- * filter=git-crypt diff=git-crypt
- .gitattributes !filter !diff
+sub-directories of dir/. To encrypt an entire sub-tree dir/, use `dir/**`:
-The second pattern is essential for ensuring that .gitattributes itself
-is not encrypted.
+ dir/** filter=git-crypt diff=git-crypt
+The .gitattributes file must not be encrypted, so make sure wildcards don't
+match it accidentally. If necessary, you can exclude .gitattributes from
+encryption like this:
-MAILING LISTS
-
-To stay abreast of, and provide input to, git-crypt development, consider
-subscribing to one or both of our mailing lists:
-
-Announcements:
https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce
-Discussion: https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss
+ .gitattributes !filter !diff
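Review bot: the rewritten guidance moves the `dir/**` rule into the top-level .gitattributes and then presents the `.gitattributes !filter !diff` exclusion as something to add "if necessary", where the old text called it essential. Since `dir/**` matches every path under dir/, including a dir/.gitattributes if one exists, and an encrypted .gitattributes would leave git unable to read the very rules that select the filter, it is safer to keep the exclusion line in the example as a recommended second rule rather than an optional afterthought. A pattern with no slash, such as `.gitattributes`, matches at any depth, so a single line at the top level covers nested copies too. The README.md hunk below has the same structure and should be adjusted in step.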
diff -Nru git-crypt-0.6.0/README.md git-crypt-0.7.0/README.md
--- git-crypt-0.6.0/README.md 2017-11-26 13:24:03.000000000 -0500
+++ git-crypt-0.7.0/README.md 2022-04-21 13:08:16.000000000 -0400
@@ -31,6 +31,7 @@
secretfile filter=git-crypt diff=git-crypt
*.key filter=git-crypt diff=git-crypt
+ secretdir/** filter=git-crypt diff=git-crypt
Like a .gitignore file, it can match wildcards and should be checked into
the repository. See below for more information about .gitattributes.
@@ -55,7 +56,7 @@
git-crypt export-key /path/to/key
-After cloning a repository with encrypted files, unlock with with GPG:
+After cloning a repository with encrypted files, unlock with GPG:
git-crypt unlock
@@ -70,8 +71,8 @@
Current Status
--------------
-The latest version of git-crypt is [0.6.0](NEWS.md), released on
-2017-11-26. git-crypt aims to be bug-free and reliable, meaning it
+The latest version of git-crypt is [0.7.0](NEWS.md), released on
+2022-04-21. git-crypt aims to be bug-free and reliable, meaning it
shouldn't crash, malfunction, or expose your confidential data.
However, it has not yet reached maturity, meaning it is not as
documented, featureful, or easy-to-use as it should be. Additionally,
@@ -110,6 +111,16 @@
of a file, or the fact that two files are identical (see "Security"
section above).
+git-crypt does not support revoking access to an encrypted repository
+which was previously granted. This applies to both multi-user GPG
+mode (there's no del-gpg-user command to complement add-gpg-user)
+and also symmetric key mode (there's no support for rotating the key).
+This is because it is an inherently complex problem in the context
+of historical data. For example, even if a key was rotated at one
+point in history, a user having the previous key can still access
+previous repository history. This problem is discussed in more detail in
+<https://github.com/AGWA/git-crypt/issues/47>.
+
Files encrypted with git-crypt are not compressible. Even the smallest
change to an encrypted file requires git to store the entire changed file,
instead of just a delta.
@@ -140,20 +151,12 @@
encrypt all files beneath it.
Also note that the pattern `dir/*` does not match files under
-sub-directories of dir/. To encrypt an entire sub-tree dir/, place the
-following in dir/.gitattributes:
-
- * filter=git-crypt diff=git-crypt
- .gitattributes !filter !diff
+sub-directories of dir/. To encrypt an entire sub-tree dir/, use `dir/**`:
-The second pattern is essential for ensuring that .gitattributes itself
-is not encrypted.
+ dir/** filter=git-crypt diff=git-crypt
-Mailing Lists
--------------
+The .gitattributes file must not be encrypted, so make sure wildcards don't
+match it accidentally. If necessary, you can exclude .gitattributes from
+encryption like this:
-To stay abreast of, and provide input to, git-crypt development,
-consider subscribing to one or both of our mailing lists:
-
-*
[Announcements](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce
)
-*
[Discussion](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss)
+ .gitattributes !filter !diff