summaryrefslogtreecommitdiff
path: root/usr.bin/signify
AgeCommit message (Collapse)Author
2016-09-01don't initialize variables with functionsTed Unangst
2016-09-01add a -t keytype option for untrusted comment automatic key extractionMarc Espie
(not in VERIFYONLY mode) to be documented and used shortly okay tedu@
2016-06-08use getprognameTed Unangst
2016-05-11signify should refer to the future keyTheo de Raadt
2016-01-06document the signify command for the next release, so that users canSebastian Benoit
verify before the netx upgrade. document that signify.1 needs an edit bump once in a while. ok tedu@ florian@
2016-01-05Bump example pubkey filenames for 5.9Florian Obser
OK benno@
2015-12-04polishingTed Unangst
2015-11-02Make signify's stdout line buffered. This allows to run the verboseAlexander Bluhm
output through a pipe and still see the progress immediately. OK tedu@
2015-10-30mark usage __deadTed Unangst
2015-10-09Change all tame callers to namechange to pledge(2).Theo de Raadt
2015-10-08add some tame calls. we may need a bunch of permissions to create filesTed Unangst
and manipulate the tty for readpassphrase, but once we've parsed options and have some idea of what's going to happen next, we can reduce down quite a bit more. particular use case of "signify | patch" is limited to feeding garbage to patch.
2015-07-14Bump example pubkey filenames for 5.8Florian Obser
OK benno@
2015-02-16Declare ge25519_base as extern, to prevent it from becoming a common. Gets usMiod Vallat
rid of ``lignment 4 of symbol `crypto_sign_ed25519_ref_ge25519_base' in mod_ge25519.o is smaller than 16 in mod_ed25519.o'' warnings at link time.
2015-01-20i wrote thisTed Unangst
2015-01-16improve checksum parsing slightly. now handles filenames with spaces.Ted Unangst
(though not names with ')'; sorry.)
2015-01-16just to be careful, add a cpp guard that the sscanf sizes are okTed Unangst
2015-01-15use PATH_MAX for path buffers. in case, you know...Ted Unangst
2015-01-09absurd optimization. reduce initial space by one to avoid leaving one byteTed Unangst
hanging off on a page by itself.
2015-01-07bcallah noticed the ifndef guard for headers was wrong. don't fix, justTed Unangst
remove it, and put these includes up with their friends.
2015-01-07Bump example pubkey filenames for 5.7Florian Obser
OK benno@
2014-12-29useless change. overwriting the nul byte with a newline means b64_ntopTed Unangst
can use the whole buffer, even the last byte.
2014-12-29rename fingerprint struct field. no longer exposed to users, but since it'sTed Unangst
not technically a fingerprint as others understand the term, pick another. now it's a keynum! after an email from Florian Weimer
2014-12-29remove the inspect debug command. should not be used by users, who are notTed Unangst
supposed to know what fingerprints are or that they exist.
2014-11-20Yet more #include de-duplication.Kenneth R Westerback
ok deraadt@ tedu@
2014-08-22don't need this file, only the mod versionTed Unangst
2014-08-07Bump example pubkey filenames to /etc/signify/openbsd-56-base.pub forLawrence Teo
5.6. ok deraadt@
2014-07-22Pull in all the parts. Let's face the facts -- .PATH from otherTheo de Raadt
parts of the tree is PAINFUL for basically everyone upstream, not just for us in our own tree.
2014-07-13compare snprintf return value with -1. this isn't really necessary becauseTed Unangst
int promotion rules guarantee the correct result when compared with sizeof, but it is perhaps easier for some people to understand it this way. from Doug Hogan.
2014-05-30don't assign variables in if() that's not error checkingTed Unangst
2014-05-30a little style consistency with error checkingTed Unangst
2014-05-16save up the failures for the end in the argc == 0.Ted Unangst
help ok espie
2014-05-16a few changes for new code to match local styleTed Unangst
2014-05-16checksum mode can use magic pubkey finder tooTed Unangst
2014-05-16rework -C (perfect candidate for using hash tables, really):Marc Espie
insert files we want to check into a hash, parse SHA256 message on the fly, delete entries whose checksum match, then display entries that failed. This completely avoids allocating temporary storage for file names and checksums and removes the quadratic match (argv[i] vs line[n]). okay tedu@
2014-05-15fix the band-aid error.Marc Espie
tedu was bitten by the RETARDED interface in sha2.h (who names string LENGTH things that are actually buffer SIZES) ? make -C mode work again. okay beck@
2014-05-14let cpp do some of the workTed Unangst
2014-05-14spell out base64 in error messagesTed Unangst
2014-05-14save some memory by reducing buffer sizesTed Unangst
2014-05-14recode base64 hashes if necessaryTed Unangst
2014-05-14realloc like a boss, so checksum verification doesn't take minutes.Ted Unangst
2014-05-06temp variable for a bit of clarityTed Unangst
2014-05-06remove unneeded variableTed Unangst
2014-05-06factor out the safepathTed Unangst
2014-05-06be more explicit about what's a stringTed Unangst
2014-05-06better alloc idiomTed Unangst
2014-05-06factor max message sizeTed Unangst
2014-04-22use reallocarrayTed Unangst
2014-04-22errx when errno won't be set.Ted Unangst
2014-04-14confirm passwords when generating keysTed Unangst
2014-03-17quiet time is overTed Unangst