6 Commits
0.4 ... 0.4.1

Author SHA1 Message Date
Andrew Ayer
849401d733 Update for git-crypt 0.4.1 2015-01-07 20:23:28 -08:00
Andrew Ayer
12881f65fd Add 'git-crypt version' command 2015-01-07 20:23:07 -08:00
Wael M. Nasreddine
280bd43ac7 Makefile: The install target should depend on git-crypt.
Signed-off-by: Andrew Ayer <agwa@andrewayer.name>
2015-01-07 20:06:45 -08:00
Andrew Ayer
b7c608da25 Add .gitattributes file to .git-crypt dir to prevent encryption
Previously, if you had a .gitattributes file in the root of your
repository that matched `*`, the files under .git-crypt would also be
encrypted, rendering the repository un-decryptable, unless you explicitly
excluded the .git-crypt directory, which was easy to overlook.

Now, `git-crypt add-gpg-user` automatically adds a .gitattributes file
to the .git-crypt directory to prevent its encryption.

IMPORTANT: If you are currently using GPG mode to encrypt an entire
repository, it is strongly advised that you upgrade git-crypt and then
do the following to ensure that the files inside .git-crypt are stored
properly:

 1. Remove existing key files: `rm .git-crypt/keys/*/0/*`
 2. Re-add GPG user(s): `git-crypt add-gpg-user GPG_USER_ID ...`
2015-01-02 10:35:57 -08:00
Andrew Ayer
9cb1ad3c33 Add some helpers for getting paths to state directories 2015-01-02 10:30:47 -08:00
Andrew Ayer
1b1715b5ec README: use https URLs for mailing lists 2014-11-26 09:42:10 -08:00
9 changed files with 97 additions and 14 deletions


@@ -25,7 +25,7 @@ util.o: util.cpp util-unix.cpp util-win32.cpp
clean: clean:
rm -f *.o git-crypt rm -f *.o git-crypt
install: install: git-crypt
install -m 755 git-crypt $(DESTDIR)$(PREFIX)/bin/ install -m 755 git-crypt $(DESTDIR)$(PREFIX)/bin/
.PHONY: all clean install .PHONY: all clean install
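Review bot: in the `install` recipe, `install -m 755 git-crypt $(DESTDIR)$(PREFIX)/bin/` still assumes the destination directory exists. With the new `git-crypt` prerequisite, a fresh `make install` into a staging `DESTDIR` will build the binary and then fail at the copy if `$(DESTDIR)$(PREFIX)/bin` is missing. Consider adding `install -d $(DESTDIR)$(PREFIX)/bin` ahead of the copy.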

NEWS

@@ -1,3 +1,8 @@
v0.4.1 (2015-01-08)
* Important usability fix to ensure that the .git-crypt directory
can't be encrypted by accident (see RELEASE_NOTES-0.4.1.md for
more information).
v0.4 (2014-11-16) v0.4 (2014-11-16)
(See RELEASE_NOTES-0.4.md for important details.) (See RELEASE_NOTES-0.4.md for important details.)
* Add optional GPG support: GPG can be used to share the repository * Add optional GPG support: GPG can be used to share the repository


@@ -1,6 +1,11 @@
News News
==== ====
######v0.4.1 (2015-01-08)
* Important usability fix to ensure that the .git-crypt directory
can't be encrypted by accident (see
[the release notes](RELEASE_NOTES-0.4.1.md) for more information).
######v0.4 (2014-11-16) ######v0.4 (2014-11-16)
(See [the release notes](RELEASE_NOTES-0.4.md) for important details.) (See [the release notes](RELEASE_NOTES-0.4.md) for important details.)
* Add optional GPG support: GPG can be used to share the repository * Add optional GPG support: GPG can be used to share the repository

README

@@ -66,7 +66,7 @@ encryption and decryption happen transparently.
CURRENT STATUS CURRENT STATUS
The latest version of git-crypt is 0.4, released on 2014-11-16. The latest version of git-crypt is 0.4.1, released on 2015-01-08.
git-crypt aims to be bug-free and reliable, meaning it shouldn't git-crypt aims to be bug-free and reliable, meaning it shouldn't
crash, malfunction, or expose your confidential data. However, crash, malfunction, or expose your confidential data. However,
it has not yet reached maturity, meaning it is not as documented, it has not yet reached maturity, meaning it is not as documented,
@@ -145,5 +145,5 @@ MAILING LISTS
To stay abreast of, and provide input to, git-crypt development, consider To stay abreast of, and provide input to, git-crypt development, consider
subscribing to one or both of our mailing lists: subscribing to one or both of our mailing lists:
Announcements: http://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce Announcements: https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce
Discussion: http://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss Discussion: https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss


@@ -67,8 +67,8 @@ encryption and decryption happen transparently.
Current Status Current Status
-------------- --------------
The latest version of git-crypt is [0.4](RELEASE_NOTES-0.4.md), released on The latest version of git-crypt is [0.4.1](RELEASE_NOTES-0.4.1.md), released on
2014-11-16. git-crypt aims to be bug-free and reliable, meaning it 2015-01-08. git-crypt aims to be bug-free and reliable, meaning it
shouldn't crash, malfunction, or expose your confidential data. shouldn't crash, malfunction, or expose your confidential data.
However, it has not yet reached maturity, meaning it is not as However, it has not yet reached maturity, meaning it is not as
documented, featureful, or easy-to-use as it should be. Additionally, documented, featureful, or easy-to-use as it should be. Additionally,
@@ -147,5 +147,5 @@ Mailing Lists
To stay abreast of, and provide input to, git-crypt development, To stay abreast of, and provide input to, git-crypt development,
consider subscribing to one or both of our mailing lists: consider subscribing to one or both of our mailing lists:
* [Announcements](http://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce) * [Announcements](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce)
* [Discussion](http://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss) * [Discussion](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss)

RELEASE_NOTES-0.4.1.md Normal file

@@ -0,0 +1,21 @@
git-crypt 0.4.1 is a bugfix-only release that contains an important
usability fix for users who use GPG mode to encrypt an entire repository.
Previously, if you used a '*' pattern in the top-level .gitattributes
file, and you did not explicitly add a pattern to exclude the .git-crypt
directory, the files contained therein would be encrypted, rendering
the repository impossible to unlock with GPG.
git-crypt now adds a .gitattributes file to the .git-crypt directory
to prevent its contents from being encrypted, regardless of patterns in
the top-level .gitattributes.
If you are using git-crypt in GPG mode to encrypt an entire repository,
and you do not already have a .gitattributes pattern to exclude the
.git-crypt directory, you are strongly advised to upgrade. After
upgrading, you should do the following in each of your repositories to
ensure that the information inside .git-crypt is properly stored:
1. Remove existing key files: `rm .git-crypt/keys/*/0/*`
2. Re-add GPG user(s): `git-crypt add-gpg-user GPG_USER_ID ...`
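Review bot: the upgrade steps at the end of this file stop at `git-crypt add-gpg-user` and give the reader no way to confirm that the repair worked. Since the fix depends on a .gitattributes file being created inside the .git-crypt directory, add a sentence telling users to check after step 2 that `.git-crypt/.gitattributes` exists and is committed. It would also help to say explicitly that the `.git-crypt/keys/*/0/*` glob in step 1 removes the key files of all collaborators, so every GPG user has to be re-added, not only the one running the command.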


@@ -146,7 +146,7 @@ static void validate_key_name_or_throw (const char* key_name)
} }
} }
static std::string get_internal_keys_path () static std::string get_internal_state_path ()
{ {
// git rev-parse --git-dir // git rev-parse --git-dir
std::vector<std::string> command; std::vector<std::string> command;
@@ -162,11 +162,21 @@ static std::string get_internal_keys_path ()
std::string path; std::string path;
std::getline(output, path); std::getline(output, path);
path += "/git-crypt/keys"; path += "/git-crypt";
return path; return path;
} }
static std::string get_internal_keys_path (const std::string& internal_state_path)
{
return internal_state_path + "/keys";
}
static std::string get_internal_keys_path ()
{
return get_internal_keys_path(get_internal_state_path());
}
static std::string get_internal_key_path (const char* key_name) static std::string get_internal_key_path (const char* key_name)
{ {
std::string path(get_internal_keys_path()); std::string path(get_internal_keys_path());
@@ -176,7 +186,7 @@ static std::string get_internal_key_path (const char* key_name)
return path; return path;
} }
static std::string get_repo_keys_path () static std::string get_repo_state_path ()
{ {
// git rev-parse --show-toplevel // git rev-parse --show-toplevel
std::vector<std::string> command; std::vector<std::string> command;
@@ -198,10 +208,20 @@ static std::string get_repo_keys_path ()
throw Error("Could not determine Git working tree - is this a non-bare repo?"); throw Error("Could not determine Git working tree - is this a non-bare repo?");
} }
path += "/.git-crypt/keys"; path += "/.git-crypt";
return path; return path;
} }
static std::string get_repo_keys_path (const std::string& repo_state_path)
{
return repo_state_path + "/keys";
}
static std::string get_repo_keys_path ()
{
return get_repo_keys_path(get_repo_state_path());
}
static std::string get_path_to_top () static std::string get_path_to_top ()
{ {
// git rev-parse --show-cdup // git rev-parse --show-cdup
@@ -1015,10 +1035,23 @@ int add_gpg_user (int argc, const char** argv)
return 1; return 1;
} }
std::string keys_path(get_repo_keys_path()); const std::string state_path(get_repo_state_path());
std::vector<std::string> new_files; std::vector<std::string> new_files;
encrypt_repo_key(key_name, *key, collab_keys, keys_path, &new_files); encrypt_repo_key(key_name, *key, collab_keys, get_repo_keys_path(state_path), &new_files);
// Add a .gitatributes file to the repo state directory to prevent files in it from being encrypted.
const std::string state_gitattributes_path(state_path + "/.gitattributes");
if (access(state_gitattributes_path.c_str(), F_OK) != 0) {
std::ofstream state_gitattributes_file(state_gitattributes_path.c_str());
state_gitattributes_file << "* !filter !diff\n";
state_gitattributes_file.close();
if (!state_gitattributes_file) {
std::clog << "Error: unable to write " << state_gitattributes_path << std::endl;
return 1;
}
new_files.push_back(state_gitattributes_path);
}
// add/commit the new files // add/commit the new files
if (!new_files.empty()) { if (!new_files.empty()) {
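Review bot: the `access(state_gitattributes_path.c_str(), F_OK) != 0` guard only tests that the file exists, so a `.git-crypt/.gitattributes` that is already present but lacks the `* !filter !diff` rule is left as it is and the key files stay subject to the top-level pattern. Consider checking the file's content and appending the rule when it is missing instead of skipping on existence alone. Two smaller points in the same block: the `return 1` on write failure happens after `encrypt_repo_key` has already populated `new_files`, so those files are left uncommitted in the working tree, and the comment misspells the file name as `.gitatributes`.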


@@ -78,6 +78,11 @@ static void print_usage (std::ostream& out)
out << "See 'git-crypt help COMMAND' for more information on a specific command." << std::endl; out << "See 'git-crypt help COMMAND' for more information on a specific command." << std::endl;
} }
static void print_version (std::ostream& out)
{
out << "git-crypt " << VERSION << std::endl;
}
static bool help_for_command (const char* command, std::ostream& out) static bool help_for_command (const char* command, std::ostream& out)
{ {
if (std::strcmp(command, "init") == 0) { if (std::strcmp(command, "init") == 0) {
@@ -121,6 +126,12 @@ static int help (int argc, const char** argv)
return 0; return 0;
} }
static int version (int argc, const char** argv)
{
print_version(std::cout);
return 0;
}
int main (int argc, const char** argv) int main (int argc, const char** argv)
try { try {
@@ -141,6 +152,9 @@ try {
if (std::strcmp(argv[arg_index], "--help") == 0) { if (std::strcmp(argv[arg_index], "--help") == 0) {
print_usage(std::clog); print_usage(std::clog);
return 0; return 0;
} else if (std::strcmp(argv[arg_index], "--version") == 0) {
print_version(std::clog);
return 0;
} else if (std::strcmp(argv[arg_index], "--") == 0) { } else if (std::strcmp(argv[arg_index], "--") == 0) {
++arg_index; ++arg_index;
break; break;
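Review bot: `--version` calls `print_version(std::clog)` here, while the `version` command added in the same file calls `print_version(std::cout)`, so the two spellings put the same string on different streams and a script capturing stdout gets nothing from the flag form. Version output is requested output, not a diagnostic; pass `std::cout` in both places.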
@@ -171,6 +185,9 @@ try {
if (std::strcmp(command, "help") == 0) { if (std::strcmp(command, "help") == 0) {
return help(argc, argv); return help(argc, argv);
} }
if (std::strcmp(command, "version") == 0) {
return version(argc, argv);
}
if (std::strcmp(command, "init") == 0) { if (std::strcmp(command, "init") == 0) {
return init(argc, argv); return init(argc, argv);
} }


@@ -31,6 +31,8 @@
#ifndef GIT_CRYPT_GIT_CRYPT_HPP #ifndef GIT_CRYPT_GIT_CRYPT_HPP
#define GIT_CRYPT_GIT_CRYPT_HPP #define GIT_CRYPT_GIT_CRYPT_HPP
#define VERSION "0.4.1"
extern const char* argv0; // initialized in main() to argv[0] extern const char* argv0; // initialized in main() to argv[0]
#endif #endif
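Review bot: `#define VERSION "0.4.1"` puts a very generic macro name into a shared header, where it can collide with a `VERSION` defined on the compiler command line or by another header. A prefixed name such as `GIT_CRYPT_VERSION`, or a `const char*` constant declared alongside `argv0`, would be safer. The release number is also now maintained by hand in NEWS, README and this header, which is easy to let drift.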