Update debian/changelog for 0.4.2-1~agwa1

debian packaging: install additional docs
Merge tag '0.4.2' into debian
2026-01-17 23:35:53 -08:00 · 2015-01-31 19:44:08 -08:00 · 2015-01-31 19:42:45 -08:00 · 2015-01-31 19:41:21 -08:00 · 2015-01-27 21:36:55 -08:00 · 2014-03-29 17:39:53 -07:00
46 changed files with 915 additions and 2327 deletions
--- a/.github/workflows/release-linux-arm64.yml
+++ b/.github/workflows/release-linux-arm64.yml
@@ -1,46 +0,0 @@
 on:
  release:
    types: [published]
 name: Build Release Binary (Linux ARM64)
 jobs:
  build:
    name: Build Release Binary
    runs-on: ubuntu-22.04-arm
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Install dependencies
        run: sudo apt install libssl-dev
      - name: Build binary
        run: make
      - name: Upload release artifact
        uses: actions/upload-artifact@v4
        with:
          name: git-crypt-artifacts
          path: git-crypt
  upload:
    name: Upload Release Binary
    runs-on: ubuntu-latest
    needs: build
    permissions:
      contents: write
    steps:
      - name: Download release artifact
        uses: actions/download-artifact@v4
        with:
          name: git-crypt-artifacts
      - name: Upload release asset
        uses: actions/github-script@v6
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require("fs").promises;
            const { repo: { owner, repo }, sha } = context;
            await github.rest.repos.uploadReleaseAsset({
              owner, repo,
              release_id: ${{ github.event.release.id }},
              name: 'git-crypt-${{ github.event.release.name }}-linux-aarch64',
              data: await fs.readFile('git-crypt'),
            });
--- a/.github/workflows/release-linux.yml
+++ b/.github/workflows/release-linux.yml
@@ -1,46 +0,0 @@
 on:
  release:
    types: [published]
 name: Build Release Binary (Linux)
 jobs:
  build:
    name: Build Release Binary
    runs-on: ubuntu-22.04
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Install dependencies
        run: sudo apt install libssl-dev
      - name: Build binary
        run: make
      - name: Upload release artifact
        uses: actions/upload-artifact@v4
        with:
          name: git-crypt-artifacts
          path: git-crypt
  upload:
    name: Upload Release Binary
    runs-on: ubuntu-latest
    needs: build
    permissions:
      contents: write
    steps:
      - name: Download release artifact
        uses: actions/download-artifact@v4
        with:
          name: git-crypt-artifacts
      - name: Upload release asset
        uses: actions/github-script@v6
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require("fs").promises;
            const { repo: { owner, repo }, sha } = context;
            await github.rest.repos.uploadReleaseAsset({
              owner, repo,
              release_id: ${{ github.event.release.id }},
              name: 'git-crypt-${{ github.event.release.name }}-linux-x86_64',
              data: await fs.readFile('git-crypt'),
            });
--- a/.github/workflows/release-windows.yml
+++ b/.github/workflows/release-windows.yml
@@ -1,56 +0,0 @@
 on:
  release:
    types: [published]
 name: Build Release Binary (Windows)
 jobs:
  build:
    name: Build Release Binary
    runs-on: windows-2022
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      - name: Setup msys2
        uses: msys2/setup-msys2@v2
        with:
          msystem: MINGW64
          update: true
          install: >-
            base-devel
            msys2-devel
            mingw-w64-x86_64-toolchain
            mingw-w64-x86_64-openssl
            openssl-devel
      - name: Build binary
        shell: msys2 {0}
        run: make LDFLAGS="-static-libstdc++ -static -lcrypto -lws2_32 -lcrypt32"
      - name: Upload release artifact
        uses: actions/upload-artifact@v4
        with:
          name: git-crypt-artifacts
          path: git-crypt.exe
  upload:
    name: Upload Release Binary
    runs-on: ubuntu-latest
    needs: build
    permissions:
      contents: write
    steps:
      - name: Download release artifact
        uses: actions/download-artifact@v4
        with:
          name: git-crypt-artifacts
      - name: Upload release asset
        uses: actions/github-script@v6
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require("fs").promises;
            const { repo: { owner, repo }, sha } = context;
            await github.rest.repos.uploadReleaseAsset({
              owner, repo,
              release_id: ${{ github.event.release.id }},
              name: 'git-crypt-${{ github.event.release.name }}-x86_64.exe',
              data: await fs.readFile('git-crypt.exe'),
            });
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -4,7 +4,8 @@ documentation, bug reports, or anything else that improves git-crypt.
 When contributing code, please consider the following guidelines:
- * You are encouraged to open an issue on GitHub to discuss any non-trivial
+ * You are encouraged to open an issue on GitHub or send mail to
   git-crypt-discuss@lists.cloudmutt.com to discuss any non-trivial
   changes before you start coding.
 * Please mimic the existing code style as much as possible.  In
@@ -14,7 +15,8 @@ When contributing code, please consider the following guidelines:
 * To minimize merge commits, please rebase your changes before opening
   a pull request.
- * To submit your patch, open a pull request on GitHub.
+ * To submit your patch, open a pull request on GitHub or send a
   properly-formatted patch to git-crypt-discuss@lists.cloudmutt.com.
 Finally, be aware that since git-crypt is security-sensitive software,
 the bar for contributions is higher than average.  Please don't be
--- a/41
+++ b/41
@@ -1,48 +1,23 @@
 DEPENDENCIES
 To build git-crypt, you need:
                                    Debian/Ubuntu package   RHEL/CentOS package
  -----------------------------------------------------------------------------
  Make                              make                    make
  A C++11 compiler (e.g. gcc 4.9+)  g++                     gcc-c++
  OpenSSL development files         libssl-dev              openssl-devel
 To use git-crypt, you need:
-                                    Debian/Ubuntu package   RHEL/CentOS package
+	* Git 1.7.2 or newer
-  -----------------------------------------------------------------------------
+	* OpenSSL
  Git 1.7.2 or newer                git                     git
  OpenSSL                           openssl                 openssl
-Note: Git 1.8.5 or newer is recommended for best performance.
+To build git-crypt, you need a C++ compiler and OpenSSL development
 headers.
 BUILDING GIT-CRYPT
-Run:
+The Makefile is tailored for g++, but should work with other compilers.
 	$ make
-	$ make install
+	$ cp git-crypt /usr/local/bin/
-To install to a specific location:
+It doesn't matter where you install the git-crypt binary - choose wherever
-
+is most convenient for you.
 	$ make install PREFIX=/usr/local
 Or, just copy the git-crypt binary to wherever is most convenient for you.
 BUILDING THE MAN PAGE
 To build and install the git-crypt(1) man page, pass ENABLE_MAN=yes to make:
 	$ make ENABLE_MAN=yes
 	$ make ENABLE_MAN=yes install
 xsltproc is required to build the man page.  Note that xsltproc will access
 the Internet to retrieve its stylesheet unless the Docbook stylesheet is
 installed locally and registered in the system's XML catalog.
 BUILDING A DEBIAN PACKAGE
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,51 +1,29 @@
-### Dependencies
+Dependencies
-
+------------
 To build git-crypt, you need:
 | Software                        | Debian/Ubuntu package | RHEL/CentOS package|
 |---------------------------------|-----------------------|--------------------|
 |Make                             | make                  | make               |
 |A C++11 compiler (e.g. gcc 4.9+) | g++                   | gcc-c++            |
 |OpenSSL development files        | libssl-dev            | openssl-devel      |
 To use git-crypt, you need:
-| Software                        | Debian/Ubuntu package | RHEL/CentOS package|
+*   Git 1.7.2 or newer
-|---------------------------------|-----------------------|--------------------|
+*   OpenSSL
 |Git 1.7.2 or newer               | git                   | git                |
 |OpenSSL                          | openssl               | openssl            |
-Note: Git 1.8.5 or newer is recommended for best performance.
+To build git-crypt, you need a C++ compiler and OpenSSL development
 headers.
-### Building git-crypt
+Building git-crypt
 ------------------
-Run:
+The Makefile is tailored for g++, but should work with other compilers.
    make
-    make install
+    cp git-crypt /usr/local/bin/
-To install to a specific location:
+It doesn't matter where you install the git-crypt binary - choose
-
+wherever is most convenient for you.
    make install PREFIX=/usr/local
 Or, just copy the git-crypt binary to wherever is most convenient for you.
-### Building The Man Page
+Building A Debian Package
-
+-------------------------
 To build and install the git-crypt(1) man page, pass `ENABLE_MAN=yes` to make:
    make ENABLE_MAN=yes
    make ENABLE_MAN=yes install
 xsltproc is required to build the man page.  Note that xsltproc will access
 the Internet to retrieve its stylesheet unless the Docbook stylesheet is
 installed locally and registered in the system's XML catalog.
 ### Building A Debian Package
 Debian packaging can be found in the 'debian' branch of the project Git
 repository.  The package is built using git-buildpackage as follows:
@@ -54,13 +32,15 @@ repository.  The package is built using git-buildpackage as follows:
    git-buildpackage -uc -us
-### Installing On Mac OS X
+Installing On Mac OS X
 ----------------------
 Using the brew package manager, simply run:
    brew install git-crypt
-### Experimental Windows Support
+Experimental Windows Support
 ----------------------------
 git-crypt should build on Windows with MinGW, although the build system
 is not yet finalized so you will need to pass your own CXX, CXXFLAGS, and
--- a/88
+++ b/88
@@ -1,17 +1,7 @@
-#
+CXX := c++
-# Copyright (c) 2015 Andrew Ayer
+CXXFLAGS := -Wall -pedantic -Wno-long-long -O2
-#
+LDFLAGS :=
-# See COPYING file for license information.
+PREFIX := /usr/local
 #
 CXXFLAGS ?= -Wall -pedantic -Wno-long-long -O2
 CXXFLAGS += -std=c++11
 PREFIX ?= /usr/local
 BINDIR ?= $(PREFIX)/bin
 MANDIR ?= $(PREFIX)/share/man
 ENABLE_MAN ?= no
 DOCBOOK_XSL ?= http://cdn.docbook.org/release/xsl-nons/current/manpages/docbook.xsl
 OBJFILES = \
    git-crypt.o \
@@ -20,76 +10,22 @@ OBJFILES = \
    gpg.o \
    key.o \
    util.o \
-    parse_options.o \
+    parse_options.o
    coprocess.o \
    fhstream.o
-OBJFILES += crypto-openssl-11.o
+OBJFILES += crypto-openssl.o
 LDFLAGS += -lcrypto
-XSLTPROC ?= xsltproc
+all: git-crypt
 DOCBOOK_FLAGS += --param man.output.in.separate.dir 1 \
 		 --stringparam man.output.base.dir man/ \
 		 --param man.output.subdirs.enabled 1 \
 		 --param man.authors.section.enabled 1
 all: build
 #
 # Build
 #
 BUILD_MAN_TARGETS-yes = build-man
 BUILD_MAN_TARGETS-no =
 BUILD_TARGETS := build-bin $(BUILD_MAN_TARGETS-$(ENABLE_MAN))
 build: $(BUILD_TARGETS)
 build-bin: git-crypt
 git-crypt: $(OBJFILES)
 	$(CXX) $(CXXFLAGS) -o $@ $(OBJFILES) $(LDFLAGS)
 util.o: util.cpp util-unix.cpp util-win32.cpp
 coprocess.o: coprocess.cpp coprocess-unix.cpp coprocess-win32.cpp
-build-man: man/man1/git-crypt.1
+clean:
 	rm -f *.o git-crypt
-man/man1/git-crypt.1: man/git-crypt.xml
+install: git-crypt
-	$(XSLTPROC) $(DOCBOOK_FLAGS) $(DOCBOOK_XSL) man/git-crypt.xml
+	install -m 755 git-crypt $(DESTDIR)$(PREFIX)/bin/
-#
+.PHONY: all clean install
 # Clean
 #
 CLEAN_MAN_TARGETS-yes = clean-man
 CLEAN_MAN_TARGETS-no =
 CLEAN_TARGETS := clean-bin $(CLEAN_MAN_TARGETS-$(ENABLE_MAN))
 clean: $(CLEAN_TARGETS)
 clean-bin:
 	rm -f $(OBJFILES) git-crypt
 clean-man:
 	rm -f man/man1/git-crypt.1
 #
 # Install
 #
 INSTALL_MAN_TARGETS-yes = install-man
 INSTALL_MAN_TARGETS-no =
 INSTALL_TARGETS := install-bin $(INSTALL_MAN_TARGETS-$(ENABLE_MAN))
 install: $(INSTALL_TARGETS)
 install-bin: build-bin
 	install -d $(DESTDIR)$(BINDIR)
 	install -m 755 git-crypt $(DESTDIR)$(BINDIR)/
 install-man: build-man
 	install -d $(DESTDIR)$(MANDIR)/man1
 	install -m 644 man/man1/git-crypt.1 $(DESTDIR)$(MANDIR)/man1/
 .PHONY: all \
 	build build-bin build-man \
 	clean clean-bin clean-man \
 	install install-bin install-man
--- a/46
+++ b/46
@@ -0,0 +1,46 @@
 v0.4.2 (2015-01-31)
  * Fix unlock and lock under Git 2.2.2 and higher.
  * Drop support for versions of Git older than 1.7.2.
  * Minor improvements to some help/error messages.
 v0.4.1 (2015-01-08)
  * Important usability fix to ensure that the .git-crypt directory
    can't be encrypted by accident (see RELEASE_NOTES-0.4.1.md for
    more information).
 v0.4 (2014-11-16)
  (See RELEASE_NOTES-0.4.md for important details.)
  * Add optional GPG support: GPG can be used to share the repository
    between one or more users in lieu of sharing a secret key.
  * New workflow: the symmetric key is now stored inside the .git
    directory.  Although backwards compatibility has been preserved
    with repositories created by old versions of git-crypt, the
    commands for setting up a repository have changed.  See the
    release notes file for details.
  * Multiple key support: it's now possible to encrypt different parts
    of a repository with different keys.
  * Initial 'git-crypt status' command to report which files are
    encrypted and to fix problems that are detected.
  * Numerous usability, documentation, and error reporting improvements.
  * Major internal code improvements that will make future development
    easier.
  * Initial experimental Windows support.
 v0.3 (2013-04-05)
  * Fix 'git-crypt init' on newer versions of Git.  Previously,
    encrypted files were not being automatically decrypted after
    running 'git-crypt init' with recent versions of Git.
  * Allow 'git-crypt init' to be run even if the working tree contains
    untracked files.
  * 'git-crypt init' now properly escapes arguments to the filter
    commands it configures, allowing both the path to git-crypt and the
    path to the key file to contain arbitrary characters such as spaces.
 v0.2 (2013-01-25)
  * Numerous improvements to 'git-crypt init' usability.
  * Fix gitattributes example in README: the old example showed a colon
    after the filename where there shouldn't be one.
  * Various build fixes and improvements.
 v0.1 (2012-11-29)
  * Initial release.
--- a/NEWS.md
+++ b/NEWS.md
@@ -1,81 +1,49 @@
-# Change Log
+News
 ====
-## v0.8.0 (2025-09-23)
+######v0.4.2 (2015-01-31)
 * Remove OpenSSL 1.0 support, fix compilation with OpenSSL 3.
 * Avoid use of problematic short GPG key IDs.
 ## v0.7.0 (2022-04-21)
 * Avoid "argument list too long" errors on macOS.
 * Fix handling of "-" arguments.
 * Minor documentation improvements.
 ## v0.6.0 (2017-11-26)
 * Add support for OpenSSL 1.1 (still works with OpenSSL 1.0).
 * Switch to C++11 (gcc 4.9 or higher now required to build).
 * Allow GPG to fail on some keys (makes unlock work better if there are
  multiple keys that can unlock the repo but only some are available).
 * Allow the repo state directory to be configured with the
  git-crypt.repoStateDir git config option.
 * Respect the gpg.program git config option.
 * Don't hard code path to git-crypt in .git/config on Linux (ensures
  repo continues to work if git-crypt is moved).
 * Ensure git-crypt's gpg files won't be treated as text by Git.
 * Minor improvements to build system, documentation.
 ## v0.5.0 (2015-05-30)
 * Drastically speed up lock/unlock when used with Git 1.8.5 or newer.
 * Add git-crypt(1) man page (pass `ENABLE_MAN=yes` to make to build).
 * Add --trusted option to `git-crypt gpg-add-user` to add user even if
  GPG doesn't trust user's key.
 * Improve `git-crypt lock` usability, add --force option.
 * Ignore symlinks and other non-files when running `git-crypt status`.
 * Fix compilation on old versions of Mac OS X.
 * Fix GPG mode when with-fingerprint enabled in gpg.conf.
 * Minor bug fixes and improvements to help/error messages.
 ## v0.4.2 (2015-01-31)
 * Fix unlock and lock under Git 2.2.2 and higher.
 * Drop support for versions of Git older than 1.7.2.
 * Minor improvements to some help/error messages.
-## v0.4.1 (2015-01-08)
+######v0.4.1 (2015-01-08)
 * Important usability fix to ensure that the .git-crypt directory
  can't be encrypted by accident (see
  [the release notes](RELEASE_NOTES-0.4.1.md) for more information).
-## v0.4 (2014-11-16)
+######v0.4 (2014-11-16)
 (See [the release notes](RELEASE_NOTES-0.4.md) for important details.)
-* Add optional GPG support: GPG can be used to share the repository
+*   Add optional GPG support: GPG can be used to share the repository
-  between one or more users in lieu of sharing a secret key.
+    between one or more users in lieu of sharing a secret key.
-* New workflow: the symmetric key is now stored inside the .git
+*   New workflow: the symmetric key is now stored inside the .git
-  directory.  Although backwards compatibility has been preserved
+    directory.  Although backwards compatibility has been preserved
-  with repositories created by old versions of git-crypt, the
+    with repositories created by old versions of git-crypt, the
-  commands for setting up a repository have changed.  See the
+    commands for setting up a repository have changed.  See the
-  release notes file for details.
+    release notes file for details.
-* Multiple key support: it's now possible to encrypt different parts
+*   Multiple key support: it's now possible to encrypt different parts
-  of a repository with different keys.
+    of a repository with different keys.
-* Initial `git-crypt status` command to report which files are
+*   Initial `git-crypt status` command to report which files are
-  encrypted and to fix problems that are detected.
+    encrypted and to fix problems that are detected.
-* Numerous usability, documentation, and error reporting improvements.
+*   Numerous usability, documentation, and error reporting improvements.
-* Major internal code improvements that will make future development
+*   Major internal code improvements that will make future development
-  easier.
+    easier.
-* Initial experimental Windows support.
+*   Initial experimental Windows support.
-## v0.3 (2013-04-05)
+######v0.3 (2013-04-05)
-* Fix `git-crypt init` on newer versions of Git.  Previously,
+*   Fix `git-crypt init` on newer versions of Git.  Previously,
-  encrypted files were not being automatically decrypted after running
+    encrypted files were not being automatically decrypted after running
-  `git-crypt init` with recent versions of Git.
+    `git-crypt init` with recent versions of Git.
-* Allow `git-crypt init` to be run even if the working tree contains
+*   Allow `git-crypt init` to be run even if the working tree contains
-  untracked files.
+    untracked files.
-* `git-crypt init` now properly escapes arguments to the filter
+*   `git-crypt init` now properly escapes arguments to the filter
-  commands it configures, allowing both the path to git-crypt and the
+    commands it configures, allowing both the path to git-crypt and the
-  path to the key file to contain arbitrary characters such as spaces.
+    path to the key file to contain arbitrary characters such as spaces.
-## v0.2 (2013-01-25)
+######v0.2 (2013-01-25)
-* Numerous improvements to `git-crypt init` usability.
+*   Numerous improvements to `git-crypt init` usability.
-* Fix gitattributes example in [README](README.md): the old example
+*   Fix gitattributes example in [README](README.md): the old example
-  showed a colon after the filename where there shouldn't be one.
+    showed a colon after the filename where there shouldn't be one.
-* Various build fixes and improvements.
+*   Various build fixes and improvements.
-## v0.1 (2012-11-29)
+######v0.1 (2012-11-29)
-* Initial release.
+*   Initial release.
--- a/149
+++ b/149
@@ -0,0 +1,149 @@
 ABOUT GIT-CRYPT
 git-crypt enables transparent encryption and decryption of files in a
 git repository.  Files which you choose to protect are encrypted when
 committed, and decrypted when checked out.  git-crypt lets you freely
 share a repository containing a mix of public and private content.
 git-crypt gracefully degrades, so developers without the secret key can
 still clone and commit to a repository with encrypted files.  This lets
 you store your secret material (such as keys or passwords) in the same
 repository as your code, without requiring you to lock down your entire
 repository.
 git-crypt was written by Andrew Ayer <agwa@andrewayer.name>.  For more
 information, see <https://www.agwa.name/projects/git-crypt>.
 BUILDING GIT-CRYPT
 See the INSTALL file.
 USING GIT-CRYPT
 Configure a repository to use git-crypt:
 	$ cd repo
 	$ git-crypt init
 Specify files to encrypt by creating a .gitattributes file:
 	secretfile filter=git-crypt diff=git-crypt
 	*.key filter=git-crypt diff=git-crypt
 Like a .gitignore file, it can match wildcards and should be checked into
 the repository.  See below for more information about .gitattributes.
 Make sure you don't accidentally encrypt the .gitattributes file itself!
 Share the repository with others (or with yourself) using GPG:
 	$ git-crypt add-gpg-user USER_ID
 USER_ID can be a key ID, a full fingerprint, an email address, or anything
 else that uniquely identifies a public key to GPG (see "HOW TO SPECIFY
 A USER ID" in the gpg man page).  Note: `git-crypt add-gpg-user` will
 add and commit a GPG-encrypted key file in the .git-crypt directory of
 the root of your repository.
 Alternatively, you can export a symmetric secret key, which you must
 securely convey to collaborators (GPG is not required, and no files
 are added to your repository):
 	$ git-crypt export-key /path/to/key
 After cloning a repository with encrypted files, unlock with with GPG:
 	$ git-crypt unlock
 Or with a symmetric key:
 	$ git-crypt unlock /path/to/key
 That's all you need to do - after git-crypt is set up (either with
 `git-crypt init` or `git-crypt unlock`), you can use git normally -
 encryption and decryption happen transparently.
 CURRENT STATUS
 The latest version of git-crypt is 0.4.2, released on 2015-01-31.
 git-crypt aims to be bug-free and reliable, meaning it shouldn't
 crash, malfunction, or expose your confidential data.  However,
 it has not yet reached maturity, meaning it is not as documented,
 featureful, or easy-to-use as it should be.  Additionally, there may be
 backwards-incompatible changes introduced before version 1.0.
 SECURITY
 git-crypt is more secure that other transparent git encryption systems.
 git-crypt encrypts files using AES-256 in CTR mode with a synthetic IV
 derived from the SHA-1 HMAC of the file.  This is provably semantically
 secure under deterministic chosen-plaintext attack.  That means that
 although the encryption is deterministic (which is required so git can
 distinguish when a file has and hasn't changed), it leaks no information
 beyond whether two files are identical or not.  Other proposals for
 transparent git encryption use ECB or CBC with a fixed IV.  These systems
 are not semantically secure and leak information.
 LIMITATIONS
 git-crypt relies on git filters, which were not designed with encryption
 in mind.  As such, git-crypt is not the best tool for encrypting most or
 all of the files in a repository. Where git-crypt really shines is where
 most of your repository is public, but you have a few files (perhaps
 private keys named *.key, or a file with API credentials) which you
 need to encrypt.  For encrypting an entire repository, consider using a
 system like git-remote-gcrypt <https://github.com/joeyh/git-remote-gcrypt>
 instead.  (Note: no endorsement is made of git-remote-gcrypt's security.)
 git-crypt does not encrypt file names, commit messages, or other metadata.
 Files encrypted with git-crypt are not compressible.  Even the smallest
 change to an encrypted file requires git to store the entire changed file,
 instead of just a delta.
 Although git-crypt protects individual file contents with a SHA-1
 HMAC, git-crypt cannot be used securely unless the entire repository is
 protected against tampering (an attacker who can mutate your repository
 can alter your .gitattributes file to disable encryption).  If necessary,
 use git features such as signed tags instead of relying solely on
 git-crypt for integrity.
 Files encrypted with git-crypt cannot be patched with git-apply, unless
 the patch itself is encrypted.  To generate an encrypted patch, use `git
 diff --no-textconv --binary`.  Alternatively, you can apply a plaintext
 patch outside of git using the patch command.
 git-crypt does not work reliably with Atlassian SourceTree.
 Files might be left in an unencrypted state.  See
 <https://jira.atlassian.com/browse/SRCTREE-2511>.
 GITATTRIBUTES FILE
 The .gitattributes file is documented in the gitattributes(5) man page.
 The file pattern format is the same as the one used by .gitignore,
 as documented in the gitignore(5) man page, with the exception that
 specifying merely a directory (e.g. `/dir/`) is NOT sufficient to
 encrypt all files beneath it.
 Also note that the pattern `dir/*` does not match files under
 sub-directories of dir/.  To encrypt an entire sub-tree dir/, place the
 following in dir/.gitattributes:
 	* filter=git-crypt diff=git-crypt
 	.gitattributes !filter !diff
 The second pattern is essential for ensuring that .gitattributes itself
 is not encrypted.
 MAILING LISTS
 To stay abreast of, and provide input to, git-crypt development, consider
 subscribing to one or both of our mailing lists:
 Announcements: https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce
 Discussion:    https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss
--- a/README.md
+++ b/README.md
@@ -31,14 +31,10 @@ Specify files to encrypt by creating a .gitattributes file:
    secretfile filter=git-crypt diff=git-crypt
    *.key filter=git-crypt diff=git-crypt
    secretdir/** filter=git-crypt diff=git-crypt
 Like a .gitignore file, it can match wildcards and should be checked into
 the repository.  See below for more information about .gitattributes.
-Make sure you don't accidentally encrypt the .gitattributes file itself
+Make sure you don't accidentally encrypt the .gitattributes file itself!
 (or other git files like .gitignore or .gitmodules).  Make sure your
 .gitattributes rules are in place *before* you add sensitive files, or
 those files won't be encrypted!
 Share the repository with others (or with yourself) using GPG:
@@ -56,7 +52,7 @@ are added to your repository):
    git-crypt export-key /path/to/key
-After cloning a repository with encrypted files, unlock with GPG:
+After cloning a repository with encrypted files, unlock with with GPG:
    git-crypt unlock
@@ -71,8 +67,8 @@ encryption and decryption happen transparently.
 Current Status
 --------------
-The latest version of git-crypt is [0.8.0](NEWS.md), released on
+The latest version of git-crypt is [0.4.2](NEWS.md), released on
-2025-09-23.  git-crypt aims to be bug-free and reliable, meaning it
+2015-01-31.  git-crypt aims to be bug-free and reliable, meaning it
 shouldn't crash, malfunction, or expose your confidential data.
 However, it has not yet reached maturity, meaning it is not as
 documented, featureful, or easy-to-use as it should be.  Additionally,
@@ -82,15 +78,15 @@ there may be backwards-incompatible changes introduced before version
 Security
 --------
-git-crypt is more secure than other transparent git encryption systems.
+git-crypt is more secure that other transparent git encryption systems.
 git-crypt encrypts files using AES-256 in CTR mode with a synthetic IV
-derived from the SHA-1 HMAC of the file.  This mode of operation is
+derived from the SHA-1 HMAC of the file.  This is provably semantically
-provably semantically secure under deterministic chosen-plaintext attack.
+secure under deterministic chosen-plaintext attack.  That means that
-That means that although the encryption is deterministic (which is
+although the encryption is deterministic (which is required so git can
-required so git can distinguish when a file has and hasn't changed),
+distinguish when a file has and hasn't changed), it leaks no information
-it leaks no information beyond whether two files are identical or not.
+beyond whether two files are identical or not.  Other proposals for
-Other proposals for transparent git encryption use ECB or CBC with a
+transparent git encryption use ECB or CBC with a fixed IV.  These
-fixed IV.  These systems are not semantically secure and leak information.
+systems are not semantically secure and leak information.
 Limitations
 -----------
@@ -101,25 +97,10 @@ all of the files in a repository. Where git-crypt really shines is where
 most of your repository is public, but you have a few files (perhaps
 private keys named *.key, or a file with API credentials) which you
 need to encrypt.  For encrypting an entire repository, consider using a
-system like [git-remote-gcrypt](https://spwhitton.name/tech/code/git-remote-gcrypt/)
+system like [git-remote-gcrypt](https://github.com/joeyh/git-remote-gcrypt)
 instead.  (Note: no endorsement is made of git-remote-gcrypt's security.)
-git-crypt does not encrypt file names, commit messages, symlink targets,
+git-crypt does not encrypt file names, commit messages, or other metadata.
 gitlinks, or other metadata.
 git-crypt does not hide when a file does or doesn't change, the length
 of a file, or the fact that two files are identical (see "Security"
 section above).
 git-crypt does not support revoking access to an encrypted repository
 which was previously granted. This applies to both multi-user GPG
 mode (there's no del-gpg-user command to complement add-gpg-user)
 and also symmetric key mode (there's no support for rotating the key).
 This is because it is an inherently complex problem in the context
 of historical data. For example, even if a key was rotated at one
 point in history, a user having the previous key can still access
 previous repository history. This problem is discussed in more detail in
 <https://github.com/AGWA/git-crypt/issues/47>.
 Files encrypted with git-crypt are not compressible.  Even the smallest
 change to an encrypted file requires git to store the entire changed file,
@@ -137,9 +118,9 @@ the patch itself is encrypted.  To generate an encrypted patch, use `git
 diff --no-textconv --binary`.  Alternatively, you can apply a plaintext
 patch outside of git using the patch command.
-git-crypt does not work reliably with some third-party git GUIs, such
+git-crypt does [not work reliably with Atlassian
-as [Atlassian SourceTree](https://jira.atlassian.com/browse/SRCTREE-2511)
+SourceTree](https://jira.atlassian.com/browse/SRCTREE-2511).  Files might
-and GitHub for Mac.  Files might be left in an unencrypted state.
+be left in an unencrypted state.
 Gitattributes File
 ------------------
@@ -151,12 +132,20 @@ specifying merely a directory (e.g. `/dir/`) is *not* sufficient to
 encrypt all files beneath it.
 Also note that the pattern `dir/*` does not match files under
-sub-directories of dir/.  To encrypt an entire sub-tree dir/, use `dir/**`:
+sub-directories of dir/.  To encrypt an entire sub-tree dir/, place the
-
+following in dir/.gitattributes:
    dir/** filter=git-crypt diff=git-crypt
 The .gitattributes file must not be encrypted, so make sure wildcards don't
 match it accidentally.  If necessary, you can exclude .gitattributes from
 encryption like this:
    * filter=git-crypt diff=git-crypt
    .gitattributes !filter !diff
 The second pattern is essential for ensuring that .gitattributes itself
 is not encrypted.
 Mailing Lists
 -------------
 To stay abreast of, and provide input to, git-crypt development,
 consider subscribing to one or both of our mailing lists:
 * [Announcements](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-announce)
 * [Discussion](https://lists.cloudmutt.com/mailman/listinfo/git-crypt-discuss)
--- a/THANKS.md
+++ b/THANKS.md
@@ -12,10 +12,6 @@ For their contributions to git-crypt, I thank:
   * Linus G Thiel
   * Michael Schout
   * Simon Kotlinski
   * Kevin Menard
   * Wael M. Nasreddine
   * Kevin Borgolte
   * Adrian Cohea
 * And everyone who has tested git-crypt, provided feedback, reported
   bugs, and participated in discussions about new features.
--- a/commands.cpp
+++ b/commands.cpp
@@ -34,7 +34,6 @@
 #include "key.hpp"
 #include "gpg.hpp"
 #include "parse_options.hpp"
 #include "coprocess.hpp"
 #include <unistd.h>
 #include <stdint.h>
 #include <algorithm>
@@ -48,15 +47,8 @@
 #include <stdio.h>
 #include <string.h>
 #include <errno.h>
 #include <exception>
 #include <vector>
 enum {
 	// # of arguments per git checkout call; must be large enough to be efficient but small
 	// enough to avoid operating system limits on argument length
 	GIT_CHECKOUT_BATCH_SIZE = 100
 };
 static std::string attribute_name (const char* key_name)
 {
 	if (key_name) {
@@ -68,49 +60,6 @@ static std::string attribute_name (const char* key_name)
 	}
 }
 static std::string git_version_string ()
 {
 	std::vector<std::string>	command;
 	command.push_back("git");
 	command.push_back("version");
 	std::stringstream		output;
 	if (!successful_exit(exec_command(command, output))) {
 		throw Error("'git version' failed - is Git installed?");
 	}
 	std::string			word;
 	output >> word; // "git"
 	output >> word; // "version"
 	output >> word; // "1.7.10.4"
 	return word;
 }
 static std::vector<int> parse_version (const std::string& str)
 {
 	std::istringstream	in(str);
 	std::vector<int>	version;
 	std::string		component;
 	while (std::getline(in, component, '.')) {
 		version.push_back(std::atoi(component.c_str()));
 	}
 	return version;
 }
 static const std::vector<int>& git_version ()
 {
 	static const std::vector<int> version(parse_version(git_version_string()));
 	return version;
 }
 static std::vector<int> make_version (int a, int b, int c)
 {
 	std::vector<int>	version;
 	version.push_back(a);
 	version.push_back(b);
 	version.push_back(c);
 	return version;
 }
 static void git_config (const std::string& name, const std::string& value)
 {
 	std::vector<std::string>	command;
@@ -124,23 +73,7 @@ static void git_config (const std::string& name, const std::string& value)
 	}
 }
-static bool git_has_config (const std::string& name)
+static void git_unconfig (const std::string& name)
 {
 	std::vector<std::string>	command;
 	command.push_back("git");
 	command.push_back("config");
 	command.push_back("--get-all");
 	command.push_back(name);
 	std::stringstream		output;
 	switch (exit_status(exec_command(command, output))) {
 		case 0:  return true;
 		case 1:  return false;
 		default: throw Error("'git config' failed");
 	}
 }
 static void git_deconfig (const std::string& name)
 {
 	std::vector<std::string>	command;
 	command.push_back("git");
@@ -174,34 +107,22 @@ static void configure_git_filters (const char* key_name)
 	}
 }
-static void deconfigure_git_filters (const char* key_name)
+static void unconfigure_git_filters (const char* key_name)
 {
-	// deconfigure the git-crypt filters
+	// unconfigure the git-crypt filters
-	if (git_has_config("filter." + attribute_name(key_name) + ".smudge") ||
+	git_unconfig("filter." + attribute_name(key_name));
-			git_has_config("filter." + attribute_name(key_name) + ".clean") ||
+	git_unconfig("diff." + attribute_name(key_name));
 			git_has_config("filter." + attribute_name(key_name) + ".required")) {
 		git_deconfig("filter." + attribute_name(key_name));
 	}
 	if (git_has_config("diff." + attribute_name(key_name) + ".textconv")) {
 		git_deconfig("diff." + attribute_name(key_name));
 	}
 }
-static bool git_checkout_batch (std::vector<std::string>::const_iterator paths_begin, std::vector<std::string>::const_iterator paths_end)
+static bool git_checkout (const std::vector<std::string>& paths)
 {
 	if (paths_begin == paths_end) {
 		return true;
 	}
 	std::vector<std::string>	command;
 	command.push_back("git");
 	command.push_back("checkout");
 	command.push_back("--");
-	for (auto path(paths_begin); path != paths_end; ++path) {
+	for (std::vector<std::string>::const_iterator path(paths.begin()); path != paths.end(); ++path) {
 		command.push_back(*path);
 	}
@@ -212,18 +133,6 @@ static bool git_checkout_batch (std::vector<std::string>::const_iterator paths_b
 	return true;
 }
 static bool git_checkout (const std::vector<std::string>& paths)
 {
 	auto paths_begin(paths.begin());
 	while (paths.end() - paths_begin >= GIT_CHECKOUT_BATCH_SIZE) {
 		if (!git_checkout_batch(paths_begin, paths_begin + GIT_CHECKOUT_BATCH_SIZE)) {
 			return false;
 		}
 		paths_begin += GIT_CHECKOUT_BATCH_SIZE;
 	}
 	return git_checkout_batch(paths_begin, paths.end());
 }
 static bool same_key_name (const char* a, const char* b)
 {
 	return (!a && !b) || (a && b && std::strcmp(a, b) == 0);
@@ -277,27 +186,6 @@ static std::string get_internal_key_path (const char* key_name)
 	return path;
 }
 std::string get_git_config (const std::string& name)
 {
 	// git config --get
 	std::vector<std::string>	command;
 	command.push_back("git");
 	command.push_back("config");
 	command.push_back("--get");
 	command.push_back(name);
 	std::stringstream	output;
 	if (!successful_exit(exec_command(command, output))) {
 		throw Error("'git config' missing value for key '" + name +"'");
 	}
 	std::string		value;
 	std::getline(output, value);
 	return value;
 }
 static std::string get_repo_state_path ()
 {
 	// git rev-parse --show-toplevel
@@ -320,18 +208,7 @@ static std::string get_repo_state_path ()
 		throw Error("Could not determine Git working tree - is this a non-bare repo?");
 	}
-	// Check if the repo state dir has been explicitly configured. If so, use that in path construction.
+	path += "/.git-crypt";
 	if (git_has_config("git-crypt.repoStateDir")) {
 		std::string		repoStateDir = get_git_config("git-crypt.repoStateDir");
 		// The repoStateDir value must always be relative to git work tree to ensure the repoStateDir can be committed
 		// along with the remainder of the repository.
 		path += '/' + repoStateDir;
 	} else {
 		// There is no explicitly configured repo state dir configured, so use the default.
 		path += "/.git-crypt";
 	}
 	return path;
 }
@@ -383,6 +260,7 @@ static void get_git_status (std::ostream& output)
 static std::pair<std::string, std::string> get_file_attributes (const std::string& filename)
 {
 	// git check-attr filter diff -- filename
 	// TODO: pass -z to get machine-parseable output (this requires Git 1.8.5 or higher, which was released on 27 Nov 2013)
 	std::vector<std::string>	command;
 	command.push_back("git");
 	command.push_back("check-attr");
@@ -431,36 +309,6 @@ static std::pair<std::string, std::string> get_file_attributes (const std::strin
 	return std::make_pair(filter_attr, diff_attr);
 }
 // returns filter and diff attributes as a pair
 static std::pair<std::string, std::string> get_file_attributes (const std::string& filename, std::ostream& check_attr_stdin, std::istream& check_attr_stdout)
 {
 	check_attr_stdin << filename << '\0' << std::flush;
 	std::string			filter_attr;
 	std::string			diff_attr;
 	// Example output:
 	// filename\0filter\0git-crypt\0filename\0diff\0git-crypt\0
 	for (int i = 0; i < 2; ++i) {
 		std::string		filename;
 		std::string		attr_name;
 		std::string		attr_value;
 		std::getline(check_attr_stdout, filename, '\0');
 		std::getline(check_attr_stdout, attr_name, '\0');
 		std::getline(check_attr_stdout, attr_value, '\0');
 		if (attr_value != "unspecified" && attr_value != "unset" && attr_value != "set") {
 			if (attr_name == "filter") {
 				filter_attr = attr_value;
 			} else if (attr_name == "diff") {
 				diff_attr = attr_value;
 			}
 		}
 	}
 	return std::make_pair(filter_attr, diff_attr);
 }
 static bool check_if_blob_is_encrypted (const std::string& object_id)
 {
 	// git cat-file blob object_id
@@ -508,80 +356,31 @@ static bool check_if_file_is_encrypted (const std::string& filename)
 	return check_if_blob_is_encrypted(object_id);
 }
 static bool is_git_file_mode (const std::string& mode)
 {
 	return (std::strtoul(mode.c_str(), nullptr, 8) & 0170000) == 0100000;
 }
 static void get_encrypted_files (std::vector<std::string>& files, const char* key_name)
 {
 	// git ls-files -cz -- path_to_top
-	std::vector<std::string>	ls_files_command;
+	std::vector<std::string>	command;
-	ls_files_command.push_back("git");
+	command.push_back("git");
-	ls_files_command.push_back("ls-files");
+	command.push_back("ls-files");
-	ls_files_command.push_back("-csz");
+	command.push_back("-cz");
-	ls_files_command.push_back("--");
+	command.push_back("--");
 	const std::string		path_to_top(get_path_to_top());
 	if (!path_to_top.empty()) {
-		ls_files_command.push_back(path_to_top);
+		command.push_back(path_to_top);
 	}
-	Coprocess			ls_files;
+	std::stringstream		output;
-	std::istream*			ls_files_stdout = ls_files.stdout_pipe();
+	if (!successful_exit(exec_command(command, output))) {
 	ls_files.spawn(ls_files_command);
 	Coprocess			check_attr;
 	std::ostream*			check_attr_stdin = nullptr;
 	std::istream*			check_attr_stdout = nullptr;
 	if (git_version() >= make_version(1, 8, 5)) {
 		// In Git 1.8.5 (released 27 Nov 2013) and higher, we use a single `git check-attr` process
 		// to get the attributes of all files at once.  In prior versions, we have to fork and exec
 		// a separate `git check-attr` process for each file, since -z and --stdin aren't supported.
 		// In a repository with thousands of files, this results in an almost 100x speedup.
 		std::vector<std::string>	check_attr_command;
 		check_attr_command.push_back("git");
 		check_attr_command.push_back("check-attr");
 		check_attr_command.push_back("--stdin");
 		check_attr_command.push_back("-z");
 		check_attr_command.push_back("filter");
 		check_attr_command.push_back("diff");
 		check_attr_stdin = check_attr.stdin_pipe();
 		check_attr_stdout = check_attr.stdout_pipe();
 		check_attr.spawn(check_attr_command);
 	}
 	while (ls_files_stdout->peek() != -1) {
 		std::string		mode;
 		std::string		object_id;
 		std::string		stage;
 		std::string		filename;
 		*ls_files_stdout >> mode >> object_id >> stage >> std::ws;
 		std::getline(*ls_files_stdout, filename, '\0');
 		if (is_git_file_mode(mode)) {
 			std::string	filter_attribute;
 			if (check_attr_stdin) {
 				filter_attribute = get_file_attributes(filename, *check_attr_stdin, *check_attr_stdout).first;
 			} else {
 				filter_attribute = get_file_attributes(filename).first;
 			}
 			if (filter_attribute == attribute_name(key_name)) {
 				files.push_back(filename);
 			}
 		}
 	}
 	if (!successful_exit(ls_files.wait())) {
 		throw Error("'git ls-files' failed - is this a Git repository?");
 	}
-	if (check_attr_stdin) {
+	while (output.peek() != -1) {
-		check_attr.close_stdin();
+		std::string		filename;
-		if (!successful_exit(check_attr.wait())) {
+		std::getline(output, filename, '\0');
-			throw Error("'git check-attr' failed - is this a Git repository?");
+
 		// TODO: get file attributes en masse for efficiency... unfortunately this requires machine-parseable output from git check-attr to be workable, and this is only supported in Git 1.8.5 and above (released 27 Nov 2013)
 		if (get_file_attributes(filename).first == attribute_name(key_name)) {
 			files.push_back(filename);
 		}
 	}
 }
@@ -612,20 +411,13 @@ static void load_key (Key_file& key_file, const char* key_name, const char* key_
 static bool decrypt_repo_key (Key_file& key_file, const char* key_name, uint32_t key_version, const std::vector<std::string>& secret_keys, const std::string& keys_path)
 {
 	std::exception_ptr gpg_error;
 	for (std::vector<std::string>::const_iterator seckey(secret_keys.begin()); seckey != secret_keys.end(); ++seckey) {
 		std::ostringstream		path_builder;
 		path_builder << keys_path << '/' << (key_name ? key_name : "default") << '/' << key_version << '/' << *seckey << ".gpg";
 		std::string			path(path_builder.str());
 		if (access(path.c_str(), F_OK) == 0) {
 			std::stringstream	decrypted_contents;
-			try {
+			gpg_decrypt_from_file(path, decrypted_contents);
 				gpg_decrypt_from_file(path, decrypted_contents);
 			} catch (const Gpg_error&) {
 				gpg_error = std::current_exception();
 				continue;
 			}
 			Key_file		this_version_key_file;
 			this_version_key_file.load(decrypted_contents);
 			const Key_file::Entry*	this_version_entry = this_version_key_file.get(key_version);
@@ -640,11 +432,6 @@ static bool decrypt_repo_key (Key_file& key_file, const char* key_name, uint32_t
 			return true;
 		}
 	}
 	if (gpg_error) {
 		std::rethrow_exception(gpg_error);
 	}
 	return false;
 }
@@ -675,7 +462,7 @@ static bool decrypt_repo_keys (std::vector<Key_file>& key_files, uint32_t key_ve
 	return successful;
 }
-static void encrypt_repo_key (const char* key_name, const Key_file::Entry& key, const std::vector<std::pair<std::string, bool> >& collab_keys, const std::string& keys_path, std::vector<std::string>* new_files)
+static void encrypt_repo_key (const char* key_name, const Key_file::Entry& key, const std::vector<std::string>& collab_keys, const std::string& keys_path, std::vector<std::string>* new_files)
 {
 	std::string	key_file_data;
 	{
@@ -685,11 +472,9 @@ static void encrypt_repo_key (const char* key_name, const Key_file::Entry& key,
 		key_file_data = this_version_key_file.store_to_string();
 	}
-	for (std::vector<std::pair<std::string, bool> >::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) {
+	for (std::vector<std::string>::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) {
 		const std::string&	fingerprint(collab->first);
 		const bool		key_is_trusted(collab->second);
 		std::ostringstream	path_builder;
-		path_builder << keys_path << '/' << (key_name ? key_name : "default") << '/' << key.version << '/' << fingerprint << ".gpg";
+		path_builder << keys_path << '/' << (key_name ? key_name : "default") << '/' << key.version << '/' << *collab << ".gpg";
 		std::string		path(path_builder.str());
 		if (access(path.c_str(), F_OK) == 0) {
@@ -697,7 +482,7 @@ static void encrypt_repo_key (const char* key_name, const Key_file::Entry& key,
 		}
 		mkdir_parent(path);
-		gpg_encrypt_to_file(path, fingerprint, key_is_trusted, key_file_data.data(), key_file_data.size());
+		gpg_encrypt_to_file(path, *collab, key_file_data.data(), key_file_data.size());
 		new_files->push_back(path);
 	}
 }
@@ -1028,7 +813,12 @@ int unlock (int argc, const char** argv)
 		return 1;
 	}
-	// 2. Load the key(s)
+	// 2. Determine the path to the top of the repository.  We pass this as the argument
 	// to 'git checkout' below. (Determine the path now so in case it fails we haven't already
 	// mucked with the git config.)
 	std::string		path_to_top(get_path_to_top());
 	// 3. Load the key(s)
 	std::vector<Key_file>	key_files;
 	if (argc > 0) {
 		// Read from the symmetric key file(s)
@@ -1076,7 +866,7 @@ int unlock (int argc, const char** argv)
 	}
-	// 3. Install the key(s) and configure the git filters
+	// 4. Install the key(s) and configure the git filters
 	std::vector<std::string>	encrypted_files;
 	for (std::vector<Key_file>::iterator key_file(key_files.begin()); key_file != key_files.end(); ++key_file) {
 		std::string		internal_key_path(get_internal_key_path(key_file->get_key_name()));
@@ -1091,7 +881,7 @@ int unlock (int argc, const char** argv)
 		get_encrypted_files(encrypted_files, key_file->get_key_name());
 	}
-	// 4. Check out the files that are currently encrypted.
+	// 5. Check out the files that are currently encrypted.
 	// Git won't check out a file if its mtime hasn't changed, so touch every file first.
 	for (std::vector<std::string>::const_iterator file(encrypted_files.begin()); file != encrypted_files.end(); ++file) {
 		touch_file(*file);
@@ -1110,23 +900,19 @@ void help_lock (std::ostream& out)
 	//     |--------------------------------------------------------------------------------| 80 chars
 	out << "Usage: git-crypt lock [OPTIONS]" << std::endl;
 	out << std::endl;
-	out << "    -a, --all                Lock all keys, instead of just the default" << std::endl;
+	out << "    -a, --all                   Lock all keys, instead of just the default" << std::endl;
-	out << "    -k, --key-name KEYNAME   Lock the given key, instead of the default" << std::endl;
+	out << "    -k, --key-name KEYNAME      Lock the given key, instead of the default" << std::endl;
 	out << "    -f, --force              Lock even if unclean (you may lose uncommited work)" << std::endl;
 	out << std::endl;
 }
 int lock (int argc, const char** argv)
 {
 	const char*	key_name = 0;
-	bool		all_keys = false;
+	bool all_keys = false;
 	bool		force = false;
 	Options_list	options;
 	options.push_back(Option_def("-k", &key_name));
 	options.push_back(Option_def("--key-name", &key_name));
 	options.push_back(Option_def("-a", &all_keys));
 	options.push_back(Option_def("--all", &all_keys));
 	options.push_back(Option_def("-f", &force));
 	options.push_back(Option_def("--force", &force));
 	int			argi = parse_options(options, argc, argv);
@@ -1150,30 +936,34 @@ int lock (int argc, const char** argv)
 	std::stringstream	status_output;
 	get_git_status(status_output);
-	if (!force && status_output.peek() != -1) {
+	if (status_output.peek() != -1) {
 		std::clog << "Error: Working directory not clean." << std::endl;
 		std::clog << "Please commit your changes or 'git stash' them before running 'git-crypt lock'." << std::endl;
 		std::clog << "Or, use 'git-crypt lock --force' and possibly lose uncommitted changes." << std::endl;
 		return 1;
 	}
-	// 2. deconfigure the git filters and remove decrypted keys
+	// 2. Determine the path to the top of the repository.  We pass this as the argument
 	// to 'git checkout' below. (Determine the path now so in case it fails we haven't already
 	// mucked with the git config.)
 	std::string		path_to_top(get_path_to_top());
 	// 3. unconfigure the git filters and remove decrypted keys
 	std::vector<std::string>	encrypted_files;
 	if (all_keys) {
-		// deconfigure for all keys
+		// unconfigure for all keys
 		std::vector<std::string> dirents = get_directory_contents(get_internal_keys_path().c_str());
 		for (std::vector<std::string>::const_iterator dirent(dirents.begin()); dirent != dirents.end(); ++dirent) {
 			const char* this_key_name = (*dirent == "default" ? 0 : dirent->c_str());
 			remove_file(get_internal_key_path(this_key_name));
-			deconfigure_git_filters(this_key_name);
+			unconfigure_git_filters(this_key_name);
 			get_encrypted_files(encrypted_files, this_key_name);
 		}
 	} else {
 		// just handle the given key
 		std::string	internal_key_path(get_internal_key_path(key_name));
 		if (access(internal_key_path.c_str(), F_OK) == -1 && errno == ENOENT) {
-			std::clog << "Error: this repository is already locked";
+			std::clog << "Error: this repository is not currently locked";
 			if (key_name) {
 				std::clog << " with key '" << key_name << "'";
 			}
@@ -1182,18 +972,18 @@ int lock (int argc, const char** argv)
 		}
 		remove_file(internal_key_path);
-		deconfigure_git_filters(key_name);
+		unconfigure_git_filters(key_name);
 		get_encrypted_files(encrypted_files, key_name);
 	}
-	// 3. Check out the files that are currently decrypted but should be encrypted.
+	// 4. Check out the files that are currently decrypted but should be encrypted.
 	// Git won't check out a file if its mtime hasn't changed, so touch every file first.
 	for (std::vector<std::string>::const_iterator file(encrypted_files.begin()); file != encrypted_files.end(); ++file) {
 		touch_file(*file);
 	}
 	if (!git_checkout(encrypted_files)) {
 		std::clog << "Error: 'git checkout' failed" << std::endl;
-		std::clog << "git-crypt has been locked up but existing decrypted files have not been encrypted" << std::endl;
+		std::clog << "git-crypt has been locked but up but existing decrypted files have not been encrypted" << std::endl;
 		return 1;
 	}
@@ -1207,20 +997,17 @@ void help_add_gpg_user (std::ostream& out)
 	out << std::endl;
 	out << "    -k, --key-name KEYNAME      Add GPG user to given key, instead of default" << std::endl;
 	out << "    -n, --no-commit             Don't automatically commit" << std::endl;
 	out << "    --trusted                   Assume the GPG user IDs are trusted" << std::endl;
 	out << std::endl;
 }
 int add_gpg_user (int argc, const char** argv)
 {
 	const char*		key_name = 0;
 	bool			no_commit = false;
 	bool			trusted = false;
 	Options_list		options;
 	options.push_back(Option_def("-k", &key_name));
 	options.push_back(Option_def("--key-name", &key_name));
 	options.push_back(Option_def("-n", &no_commit));
 	options.push_back(Option_def("--no-commit", &no_commit));
 	options.push_back(Option_def("--trusted", &trusted));
 	int			argi = parse_options(options, argc, argv);
 	if (argc - argi == 0) {
@@ -1229,8 +1016,8 @@ int add_gpg_user (int argc, const char** argv)
 		return 2;
 	}
-	// build a list of key fingerprints, and whether the key is trusted, for every collaborator specified on the command line
+	// build a list of key fingerprints for every collaborator specified on the command line
-	std::vector<std::pair<std::string, bool> >	collab_keys;
+	std::vector<std::string>	collab_keys;
 	for (int i = argi; i < argc; ++i) {
 		std::vector<std::string> keys(gpg_lookup_key(argv[i]));
@@ -1242,9 +1029,7 @@ int add_gpg_user (int argc, const char** argv)
 			std::clog << "Error: more than one public key matches '" << argv[i] << "' - please be more specific" << std::endl;
 			return 1;
 		}
-
+		collab_keys.push_back(keys[0]);
 		const bool is_full_fingerprint(std::strncmp(argv[i], "0x", 2) == 0 && std::strlen(argv[i]) == 42);
 		collab_keys.push_back(std::make_pair(keys[0], trusted || is_full_fingerprint));
 	}
 	// TODO: have a retroactive option to grant access to all key versions, not just the most recent
@@ -1265,11 +1050,7 @@ int add_gpg_user (int argc, const char** argv)
 	const std::string		state_gitattributes_path(state_path + "/.gitattributes");
 	if (access(state_gitattributes_path.c_str(), F_OK) != 0) {
 		std::ofstream		state_gitattributes_file(state_gitattributes_path.c_str());
 		//                          |--------------------------------------------------------------------------------| 80 chars
 		state_gitattributes_file << "# Do not edit this file.  To specify the files to encrypt, create your own\n";
 		state_gitattributes_file << "# .gitattributes file in the directory where your files are.\n";
 		state_gitattributes_file << "* !filter !diff\n";
 		state_gitattributes_file << "*.gpg binary\n";
 		state_gitattributes_file.close();
 		if (!state_gitattributes_file) {
 			std::clog << "Error: unable to write " << state_gitattributes_path << std::endl;
@@ -1296,9 +1077,8 @@ int add_gpg_user (int argc, const char** argv)
 			// TODO: include key_name in commit message
 			std::ostringstream	commit_message_builder;
 			commit_message_builder << "Add " << collab_keys.size() << " git-crypt collaborator" << (collab_keys.size() != 1 ? "s" : "") << "\n\nNew collaborators:\n\n";
-			for (std::vector<std::pair<std::string, bool> >::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) {
+			for (std::vector<std::string>::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) {
-				commit_message_builder << "    " << collab->first << '\n';
+				commit_message_builder << '\t' << gpg_shorten_fingerprint(*collab) << ' ' << gpg_get_uid(*collab) << '\n';
 				commit_message_builder << "        " << gpg_get_uid(collab->first) << '\n';
 			}
 			// git commit -m MESSAGE NEW_FILE ...
@@ -1618,9 +1398,6 @@ int status (int argc, const char** argv)
 			std::string	mode;
 			std::string	stage;
 			output >> mode >> object_id >> stage;
 			if (!is_git_file_mode(mode)) {
 				continue;
 			}
 		}
 		output >> std::ws;
 		std::getline(output, filename, '\0');
--- a/commands.hpp
+++ b/commands.hpp
@@ -70,7 +70,4 @@ void help_migrate_key (std::ostream&);
 void help_refresh (std::ostream&);
 void help_status (std::ostream&);
 // other
 std::string get_git_config (const std::string& name);
 #endif
--- a/coprocess-unix.cpp
+++ b/coprocess-unix.cpp
@@ -1,186 +0,0 @@
 /*
 * Copyright 2015 Andrew Ayer
 *
 * This file is part of git-crypt.
 *
 * git-crypt is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * git-crypt is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #include "coprocess.hpp"
 #include "util.hpp"
 #include <sys/types.h>
 #include <sys/wait.h>
 #include <errno.h>
 static int execvp (const std::string& file, const std::vector<std::string>& args)
 {
 	std::vector<const char*>	args_c_str;
 	args_c_str.reserve(args.size());
 	for (std::vector<std::string>::const_iterator arg(args.begin()); arg != args.end(); ++arg) {
 		args_c_str.push_back(arg->c_str());
 	}
 	args_c_str.push_back(nullptr);
 	return execvp(file.c_str(), const_cast<char**>(&args_c_str[0]));
 }
 Coprocess::Coprocess ()
 {
 	pid = -1;
 	stdin_pipe_reader = -1;
 	stdin_pipe_writer = -1;
 	stdin_pipe_ostream = nullptr;
 	stdout_pipe_reader = -1;
 	stdout_pipe_writer = -1;
 	stdout_pipe_istream = nullptr;
 }
 Coprocess::~Coprocess ()
 {
 	close_stdin();
 	close_stdout();
 }
 std::ostream*	Coprocess::stdin_pipe ()
 {
 	if (!stdin_pipe_ostream) {
 		int	fds[2];
 		if (pipe(fds) == -1) {
 			throw System_error("pipe", "", errno);
 		}
 		stdin_pipe_reader = fds[0];
 		stdin_pipe_writer = fds[1];
 		stdin_pipe_ostream = new ofhstream(this, write_stdin);
 	}
 	return stdin_pipe_ostream;
 }
 void		Coprocess::close_stdin ()
 {
 	delete stdin_pipe_ostream;
 	stdin_pipe_ostream = nullptr;
 	if (stdin_pipe_writer != -1) {
 		close(stdin_pipe_writer);
 		stdin_pipe_writer = -1;
 	}
 	if (stdin_pipe_reader != -1) {
 		close(stdin_pipe_reader);
 		stdin_pipe_reader = -1;
 	}
 }
 std::istream*	Coprocess::stdout_pipe ()
 {
 	if (!stdout_pipe_istream) {
 		int	fds[2];
 		if (pipe(fds) == -1) {
 			throw System_error("pipe", "", errno);
 		}
 		stdout_pipe_reader = fds[0];
 		stdout_pipe_writer = fds[1];
 		stdout_pipe_istream = new ifhstream(this, read_stdout);
 	}
 	return stdout_pipe_istream;
 }
 void		Coprocess::close_stdout ()
 {
 	delete stdout_pipe_istream;
 	stdout_pipe_istream = nullptr;
 	if (stdout_pipe_writer != -1) {
 		close(stdout_pipe_writer);
 		stdout_pipe_writer = -1;
 	}
 	if (stdout_pipe_reader != -1) {
 		close(stdout_pipe_reader);
 		stdout_pipe_reader = -1;
 	}
 }
 void		Coprocess::spawn (const std::vector<std::string>& args)
 {
 	pid = fork();
 	if (pid == -1) {
 		throw System_error("fork", "", errno);
 	}
 	if (pid == 0) {
 		if (stdin_pipe_writer != -1) {
 			close(stdin_pipe_writer);
 		}
 		if (stdout_pipe_reader != -1) {
 			close(stdout_pipe_reader);
 		}
 		if (stdin_pipe_reader != -1) {
 			dup2(stdin_pipe_reader, 0);
 			close(stdin_pipe_reader);
 		}
 		if (stdout_pipe_writer != -1) {
 			dup2(stdout_pipe_writer, 1);
 			close(stdout_pipe_writer);
 		}
 		execvp(args[0], args);
 		perror(args[0].c_str());
 		_exit(-1);
 	}
 	if (stdin_pipe_reader != -1) {
 		close(stdin_pipe_reader);
 		stdin_pipe_reader = -1;
 	}
 	if (stdout_pipe_writer != -1) {
 		close(stdout_pipe_writer);
 		stdout_pipe_writer = -1;
 	}
 }
 int		Coprocess::wait ()
 {
 	int		status = 0;
 	if (waitpid(pid, &status, 0) == -1) {
 		throw System_error("waitpid", "", errno);
 	}
 	return status;
 }
 size_t		Coprocess::write_stdin (void* handle, const void* buf, size_t count)
 {
 	const int	fd = static_cast<Coprocess*>(handle)->stdin_pipe_writer;
 	ssize_t		ret;
 	while ((ret = write(fd, buf, count)) == -1 && errno == EINTR); // restart if interrupted
 	if (ret < 0) {
 		throw System_error("write", "", errno);
 	}
 	return ret;
 }
 size_t		Coprocess::read_stdout (void* handle, void* buf, size_t count)
 {
 	const int	fd = static_cast<Coprocess*>(handle)->stdout_pipe_reader;
 	ssize_t		ret;
 	while ((ret = read(fd, buf, count)) == -1 && errno == EINTR); // restart if interrupted
 	if (ret < 0) {
 		throw System_error("read", "", errno);
 	}
 	return ret;
 }
--- a/coprocess-unix.hpp
+++ b/coprocess-unix.hpp
@@ -1,68 +0,0 @@
 /*
 * Copyright 2015 Andrew Ayer
 *
 * This file is part of git-crypt.
 *
 * git-crypt is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * git-crypt is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #ifndef GIT_CRYPT_COPROCESS_HPP
 #define GIT_CRYPT_COPROCESS_HPP
 #include "fhstream.hpp"
 #include <unistd.h>
 #include <vector>
 class Coprocess {
 	pid_t		pid;
 	int		stdin_pipe_reader;
 	int		stdin_pipe_writer;
 	ofhstream*	stdin_pipe_ostream;
 	static size_t	write_stdin (void*, const void*, size_t);
 	int		stdout_pipe_reader;
 	int		stdout_pipe_writer;
 	ifhstream*	stdout_pipe_istream;
 	static size_t	read_stdout (void*, void*, size_t);
 			Coprocess (const Coprocess&);	// Disallow copy
 	Coprocess&	operator= (const Coprocess&);	// Disallow assignment
 public:
 			Coprocess ();
 			~Coprocess ();
 	std::ostream*	stdin_pipe ();
 	void		close_stdin ();
 	std::istream*	stdout_pipe ();
 	void		close_stdout ();
 	void		spawn (const std::vector<std::string>&);
 	int		wait ();
 };
 #endif
--- a/coprocess-win32.cpp
+++ b/coprocess-win32.cpp
@@ -1,269 +0,0 @@
 /*
 * Copyright 2015 Andrew Ayer
 *
 * This file is part of git-crypt.
 *
 * git-crypt is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * git-crypt is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #include "coprocess-win32.hpp"
 #include "util.hpp"
 static void escape_cmdline_argument (std::string& cmdline, const std::string& arg)
 {
 	// For an explanation of Win32's arcane argument quoting rules, see:
 	//  http://msdn.microsoft.com/en-us/library/17w5ykft%28v=vs.85%29.aspx
 	//  http://msdn.microsoft.com/en-us/library/bb776391%28v=vs.85%29.aspx
 	//  http://blogs.msdn.com/b/twistylittlepassagesallalike/archive/2011/04/23/everyone-quotes-arguments-the-wrong-way.aspx
 	//  http://blogs.msdn.com/b/oldnewthing/archive/2010/09/17/10063629.aspx
 	cmdline.push_back('"');
 	std::string::const_iterator	p(arg.begin());
 	while (p != arg.end()) {
 		if (*p == '"') {
 			cmdline.push_back('\\');
 			cmdline.push_back('"');
 			++p;
 		} else if (*p == '\\') {
 			unsigned int	num_backslashes = 0;
 			while (p != arg.end() && *p == '\\') {
 				++num_backslashes;
 				++p;
 			}
 			if (p == arg.end() || *p == '"') {
 				// Backslashes need to be escaped
 				num_backslashes *= 2;
 			}
 			while (num_backslashes--) {
 				cmdline.push_back('\\');
 			}
 		} else {
 			cmdline.push_back(*p++);
 		}
 	}
 	cmdline.push_back('"');
 }
 static std::string format_cmdline (const std::vector<std::string>& command)
 {
 	std::string		cmdline;
 	for (std::vector<std::string>::const_iterator arg(command.begin()); arg != command.end(); ++arg) {
 		if (arg != command.begin()) {
 			cmdline.push_back(' ');
 		}
 		escape_cmdline_argument(cmdline, *arg);
 	}
 	return cmdline;
 }
 static HANDLE spawn_command (const std::vector<std::string>& command, HANDLE stdin_handle, HANDLE stdout_handle, HANDLE stderr_handle)
 {
 	PROCESS_INFORMATION	proc_info;
 	ZeroMemory(&proc_info, sizeof(proc_info));
 	STARTUPINFO		start_info;
 	ZeroMemory(&start_info, sizeof(start_info));
 	start_info.cb = sizeof(STARTUPINFO);
 	start_info.hStdInput = stdin_handle ? stdin_handle : GetStdHandle(STD_INPUT_HANDLE);
 	start_info.hStdOutput = stdout_handle ? stdout_handle : GetStdHandle(STD_OUTPUT_HANDLE);
 	start_info.hStdError = stderr_handle ? stderr_handle : GetStdHandle(STD_ERROR_HANDLE);
 	start_info.dwFlags |= STARTF_USESTDHANDLES;
 	std::string		cmdline(format_cmdline(command));
 	if (!CreateProcessA(nullptr,		// application name (nullptr to use command line)
 				const_cast<char*>(cmdline.c_str()),
 				nullptr,	// process security attributes
 				nullptr,	// primary thread security attributes
 				TRUE,		// handles are inherited
 				0,		// creation flags
 				nullptr,	// use parent's environment
 				nullptr,	// use parent's current directory
 				&start_info,
 				&proc_info)) {
 		throw System_error("CreateProcess", cmdline, GetLastError());
 	}
 	CloseHandle(proc_info.hThread);
 	return proc_info.hProcess;
 }
 Coprocess::Coprocess ()
 {
 	proc_handle = nullptr;
 	stdin_pipe_reader = nullptr;
 	stdin_pipe_writer = nullptr;
 	stdin_pipe_ostream = nullptr;
 	stdout_pipe_reader = nullptr;
 	stdout_pipe_writer = nullptr;
 	stdout_pipe_istream = nullptr;
 }
 Coprocess::~Coprocess ()
 {
 	close_stdin();
 	close_stdout();
 	if (proc_handle) {
 		CloseHandle(proc_handle);
 	}
 }
 std::ostream*	Coprocess::stdin_pipe ()
 {
 	if (!stdin_pipe_ostream) {
 		SECURITY_ATTRIBUTES	sec_attr;
 		// Set the bInheritHandle flag so pipe handles are inherited.
 		sec_attr.nLength = sizeof(SECURITY_ATTRIBUTES);
 		sec_attr.bInheritHandle = TRUE;
 		sec_attr.lpSecurityDescriptor = nullptr;
 		// Create a pipe for the child process's STDIN.
 		if (!CreatePipe(&stdin_pipe_reader, &stdin_pipe_writer, &sec_attr, 0)) {
 			throw System_error("CreatePipe", "", GetLastError());
 		}
 		// Ensure the write handle to the pipe for STDIN is not inherited.
 		if (!SetHandleInformation(stdin_pipe_writer, HANDLE_FLAG_INHERIT, 0)) {
 			throw System_error("SetHandleInformation", "", GetLastError());
 		}
 		stdin_pipe_ostream = new ofhstream(this, write_stdin);
 	}
 	return stdin_pipe_ostream;
 }
 void		Coprocess::close_stdin ()
 {
 	delete stdin_pipe_ostream;
 	stdin_pipe_ostream = nullptr;
 	if (stdin_pipe_writer) {
 		CloseHandle(stdin_pipe_writer);
 		stdin_pipe_writer = nullptr;
 	}
 	if (stdin_pipe_reader) {
 		CloseHandle(stdin_pipe_reader);
 		stdin_pipe_reader = nullptr;
 	}
 }
 std::istream*	Coprocess::stdout_pipe ()
 {
 	if (!stdout_pipe_istream) {
 		SECURITY_ATTRIBUTES	sec_attr;
 		// Set the bInheritHandle flag so pipe handles are inherited.
 		sec_attr.nLength = sizeof(SECURITY_ATTRIBUTES);
 		sec_attr.bInheritHandle = TRUE;
 		sec_attr.lpSecurityDescriptor = nullptr;
 		// Create a pipe for the child process's STDOUT.
 		if (!CreatePipe(&stdout_pipe_reader, &stdout_pipe_writer, &sec_attr, 0)) {
 			throw System_error("CreatePipe", "", GetLastError());
 		}
 		// Ensure the read handle to the pipe for STDOUT is not inherited.
 		if (!SetHandleInformation(stdout_pipe_reader, HANDLE_FLAG_INHERIT, 0)) {
 			throw System_error("SetHandleInformation", "", GetLastError());
 		}
 		stdout_pipe_istream = new ifhstream(this, read_stdout);
 	}
 	return stdout_pipe_istream;
 }
 void		Coprocess::close_stdout ()
 {
 	delete stdout_pipe_istream;
 	stdout_pipe_istream = nullptr;
 	if (stdout_pipe_writer) {
 		CloseHandle(stdout_pipe_writer);
 		stdout_pipe_writer = nullptr;
 	}
 	if (stdout_pipe_reader) {
 		CloseHandle(stdout_pipe_reader);
 		stdout_pipe_reader = nullptr;
 	}
 }
 void		Coprocess::spawn (const std::vector<std::string>& args)
 {
 	proc_handle = spawn_command(args, stdin_pipe_reader, stdout_pipe_writer, nullptr);
 	if (stdin_pipe_reader) {
 		CloseHandle(stdin_pipe_reader);
 		stdin_pipe_reader = nullptr;
 	}
 	if (stdout_pipe_writer) {
 		CloseHandle(stdout_pipe_writer);
 		stdout_pipe_writer = nullptr;
 	}
 }
 int		Coprocess::wait ()
 {
 	if (WaitForSingleObject(proc_handle, INFINITE) == WAIT_FAILED) {
 		throw System_error("WaitForSingleObject", "", GetLastError());
 	}
 	DWORD			exit_code;
 	if (!GetExitCodeProcess(proc_handle, &exit_code)) {
 		throw System_error("GetExitCodeProcess", "", GetLastError());
 	}
 	return exit_code;
 }
 size_t		Coprocess::write_stdin (void* handle, const void* buf, size_t count)
 {
 	DWORD		bytes_written;
 	if (!WriteFile(static_cast<Coprocess*>(handle)->stdin_pipe_writer, buf, count, &bytes_written, nullptr)) {
 		throw System_error("WriteFile", "", GetLastError());
 	}
 	return bytes_written;
 }
 size_t		Coprocess::read_stdout (void* handle, void* buf, size_t count)
 {
 	// Note that ReadFile on a pipe may return with bytes_read==0 if the other
 	// end of the pipe writes zero bytes, so retry when this happens.
 	// When the other end of the pipe actually closes, ReadFile
 	// fails with ERROR_BROKEN_PIPE.
 	DWORD bytes_read;
 	do {
 		if (!ReadFile(static_cast<Coprocess*>(handle)->stdout_pipe_reader, buf, count, &bytes_read, nullptr)) {
 			const DWORD	read_error = GetLastError();
 			if (read_error != ERROR_BROKEN_PIPE) {
 				throw System_error("ReadFile", "", read_error);
 			}
 			return 0;
 		}
 	} while (bytes_read == 0);
 	return bytes_read;
 }
--- a/coprocess-win32.hpp
+++ b/coprocess-win32.hpp
@@ -1,68 +0,0 @@
 /*
 * Copyright 2015 Andrew Ayer
 *
 * This file is part of git-crypt.
 *
 * git-crypt is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * git-crypt is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
 *
 * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #ifndef GIT_CRYPT_COPROCESS_HPP
 #define GIT_CRYPT_COPROCESS_HPP
 #include "fhstream.hpp"
 #include <windows.h>
 #include <vector>
 class Coprocess {
 	HANDLE		proc_handle;
 	HANDLE		stdin_pipe_reader;
 	HANDLE		stdin_pipe_writer;
 	ofhstream*	stdin_pipe_ostream;
 	static size_t	write_stdin (void*, const void*, size_t);
 	HANDLE		stdout_pipe_reader;
 	HANDLE		stdout_pipe_writer;
 	ifhstream*	stdout_pipe_istream;
 	static size_t	read_stdout (void*, void*, size_t);
 			Coprocess (const Coprocess&);	// Disallow copy
 	Coprocess&	operator= (const Coprocess&);	// Disallow assignment
 public:
 			Coprocess ();
 			~Coprocess ();
 	std::ostream*	stdin_pipe ();
 	void		close_stdin ();
 	std::istream*	stdout_pipe ();
 	void		close_stdout ();
 	void		spawn (const std::vector<std::string>&);
 	int		wait ();
 };
 #endif
--- a/coprocess.cpp
+++ b/coprocess.cpp
@@ -1,5 +0,0 @@
 #ifdef _WIN32
 #include "coprocess-win32.cpp"
 #else
 #include "coprocess-unix.cpp"
 #endif
--- a/coprocess.hpp
+++ b/coprocess.hpp
@@ -1,5 +0,0 @@
 #ifdef _WIN32
 #include "coprocess-win32.hpp"
 #else
 #include "coprocess-unix.hpp"
 #endif
--- a/crypto-openssl-11.cpp
+++ b/crypto-openssl-11.cpp
@@ -59,8 +59,8 @@ Aes_ecb_encryptor::Aes_ecb_encryptor (const unsigned char* raw_key)
 Aes_ecb_encryptor::~Aes_ecb_encryptor ()
 {
-	// Note: Explicit destructor necessary because class contains an unique_ptr
+	// Note: Explicit destructor necessary because class contains an auto_ptr
-	// which contains an incomplete type when the unique_ptr is declared.
+	// which contains an incomplete type when the auto_ptr is declared.
 	explicit_memset(&impl->key, '\0', sizeof(impl->key));
 }
@@ -71,31 +71,32 @@ void Aes_ecb_encryptor::encrypt(const unsigned char* plain, unsigned char* ciphe
 }
 struct Hmac_sha1_state::Hmac_impl {
-	HMAC_CTX *ctx;
+	HMAC_CTX ctx;
 };
 Hmac_sha1_state::Hmac_sha1_state (const unsigned char* key, size_t key_len)
 : impl(new Hmac_impl)
 {
-
+	HMAC_Init(&(impl->ctx), key, key_len, EVP_sha1());
 	impl->ctx = HMAC_CTX_new();
 	HMAC_Init_ex(impl->ctx, key, key_len, EVP_sha1(), nullptr);
 }
 Hmac_sha1_state::~Hmac_sha1_state ()
 {
-	HMAC_CTX_free(impl->ctx);
+	// Note: Explicit destructor necessary because class contains an auto_ptr
 	// which contains an incomplete type when the auto_ptr is declared.
 	HMAC_cleanup(&(impl->ctx));
 }
 void Hmac_sha1_state::add (const unsigned char* buffer, size_t buffer_len)
 {
-	HMAC_Update(impl->ctx, buffer, buffer_len);
+	HMAC_Update(&(impl->ctx), buffer, buffer_len);
 }
 void Hmac_sha1_state::get (unsigned char* digest)
 {
 	unsigned int len;
-	HMAC_Final(impl->ctx, digest, &len);
+	HMAC_Final(&(impl->ctx), digest, &len);
 }
@@ -111,3 +112,4 @@ void random_bytes (unsigned char* buffer, size_t len)
 		throw Crypto_error("random_bytes", message.str());
 	}
 }
--- a/crypto.hpp
+++ b/crypto.hpp
@@ -57,7 +57,7 @@ public:
 private:
 	struct Aes_impl;
-	std::unique_ptr<Aes_impl>	impl;
+	std::auto_ptr<Aes_impl>	impl;
 public:
 	Aes_ecb_encryptor (const unsigned char* key);
@@ -102,7 +102,7 @@ public:
 private:
 	struct Hmac_impl;
-	std::unique_ptr<Hmac_impl>	impl;
+	std::auto_ptr<Hmac_impl>	impl;
 public:
 	Hmac_sha1_state (const unsigned char* key, size_t key_len);
--- a/debian/changelog
+++ b/debian/changelog
@@ -0,0 +1,12 @@
 git-crypt (0.4.2-1~agwa1) unstable; urgency=low
  * New upstream release.
  * Various packaging improvements.
 -- Andrew Ayer <agwa@andrewayer.name>  Sat, 31 Jan 2015 19:43:06 -0800
 git-crypt (0.3-1) unstable; urgency=low
  * Initial release.
 -- Andrew Ayer <agwa@andrewayer.name>  Sat, 29 Mar 2014 12:38:14 -0700
--- a/debian/compat
+++ b/debian/compat
@@ -0,0 +1 @@
 9
--- a/debian/control
+++ b/debian/control
@@ -0,0 +1,24 @@
 Source: git-crypt
 Maintainer: Andrew Ayer <agwa@andrewayer.name>
 Section: vcs
 Priority: optional
 Standards-Version: 3.9.4
 Build-Depends: debhelper (>= 9), libssl-dev
 Vcs-Git: https://www.agwa.name/git/git-crypt.git -b debian
 Homepage: https://www.agwa.name/projects/git-crypt
 Package: git-crypt
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}, git (>= 1.7.2)
 Recommends: gnupg
 Enhances: git
 Description: Transparent file encryption in git
 git-crypt enables transparent encryption and decryption of files in a
 git repository.  Files which you choose to protect are encrypted when
 committed, and decrypted when checked out.  git-crypt lets you freely
 share a repository containing a mix of public and private content.
 git-crypt gracefully degrades, so developers without the secret key
 can still clone and commit to a repository with encrypted files.
 This lets you store your secret material (such as keys or passwords)
 in the same repository as your code, without requiring you to lock down
 your entire repository.
--- a/debian/copyright
+++ b/debian/copyright
@@ -0,0 +1,34 @@
 Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: git-crypt
 Source: https://www.agwa.name/projects/git-crypt
 Files: *
 Copyright: Copyright 2014 Andrew Ayer <agwa@andrewayer.name>
 License: GPL-3+ with OpenSSL exception
 git-crypt is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.
 .
 git-crypt is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.
 .
 You should have received a copy of the GNU General Public License
 along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
 .
 On Debian systems, the full text of the GNU General Public
 License version 3 can be found in the file
 `/usr/share/common-licenses/GPL-3'.
 .
 Additional permission under GNU GPL version 3 section 7:
 .
 If you modify the Program, or any covered work, by linking or
 combining it with the OpenSSL project's OpenSSL library (or a
 modified version of that library), containing parts covered by the
 terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 grant you additional permission to convey the resulting work.
 Corresponding Source for a non-source form of such a combination
 shall include the source code for the parts of OpenSSL used as well
 as that of the covered work.
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -0,0 +1,5 @@
 [DEFAULT]
 pristine-tar = True
 pristine-tar-commit = True
 debian-branch = debian
 upstream-tag = %(version)s
--- a/debian/git-crypt.docs
+++ b/debian/git-crypt.docs
@@ -0,0 +1,8 @@
 CONTRIBUTING.md
 NEWS
 NEWS.md
 README
 README.md
 RELEASE_NOTES-0.4.1.md
 RELEASE_NOTES-0.4.md
 THANKS.md
--- a/debian/git-crypt.install
+++ b/debian/git-crypt.install
@@ -0,0 +1 @@
 git-crypt usr/bin
--- a/debian/rules
+++ b/debian/rules
@@ -0,0 +1,6 @@
 #!/usr/bin/make -f
 %:
 	dh  $@
 override_dh_auto_install:
--- a/debian/source/format
+++ b/debian/source/format
@@ -0,0 +1 @@
 3.0 (quilt)
--- a/debian/source/options
+++ b/debian/source/options
@@ -0,0 +1 @@
 single-debian-patch
--- a/debian/source/patch-header
+++ b/debian/source/patch-header
@@ -0,0 +1,17 @@
 Subject: Collected Debian patches for git-crypt
 Author: Andrew Ayer <agwa@andrewayer.name>
 Since I am also upstream for this package, there will normally not be
 any patches to apply to the upstream source.  However, occasionally
 I'll pull up specific upstream commits prior to making an upstream
 release.  When this happens, this patch will collect all of those
 modifications.
 I use Git to maintain both the upstream source and the Debian
 packages, and generating individual patches rather than using git
 cherry-pick takes extra work for no gain.  Since I'm also upstream,
 there's no need to separate the patches for later upstream submission.
 Hence, I take this approach with a unified patch when it's necessary.
 For full commit history and separated commits, see the upstream Git
 repository.
--- a/fhstream.cpp
+++ b/fhstream.cpp
@@ -1,227 +0,0 @@
 /*
 * Copyright (C) 2012, 2015 Andrew Ayer
 *
 * Permission is hereby granted, free of charge, to any person obtaining a
 * copy of this software and associated documentation files (the "Software"),
 * to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
 * and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included
 * in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
 * Except as contained in this notice, the name(s) of the above copyright
 * holders shall not be used in advertising or otherwise to promote the
 * sale, use or other dealings in this Software without prior written
 * authorization.
 */
 #include <cstring>
 #include <algorithm> // for std::min
 #include "fhstream.hpp"
 /*
 * ofhstream
 */
 ofhbuf::ofhbuf (void* arg_handle, size_t (*arg_write_fun)(void*, const void*, size_t))
 : handle(arg_handle),
  write_fun(arg_write_fun),
  buffer(new char[default_buffer_size]),
  buffer_size(default_buffer_size)
 {
 	reset_buffer();
 }
 ofhbuf::~ofhbuf ()
 {
 	if (handle) {
 		try {
 			sync();
 		} catch (...) {
 			// Ignore exception since we're in the destructor.
 			// To catch write errors, call sync() explicitly.
 		}
 	}
 	delete[] buffer;
 }
 ofhbuf::int_type	ofhbuf::overflow (ofhbuf::int_type c)
 {
 	const char*	p = pbase();
 	std::streamsize	bytes_to_write = pptr() - p;
 	if (!is_eof(c)) {
 	      *pptr() = c;
 	      ++bytes_to_write;
 	}
 	while (bytes_to_write > 0) {
 		const size_t	bytes_written = write_fun(handle, p, bytes_to_write);
 		bytes_to_write -= bytes_written;
 		p += bytes_written;
 	}
 	reset_buffer();
 	return traits_type::to_int_type(0);
 }
 int		ofhbuf::sync ()
 {
 	return !is_eof(overflow(traits_type::eof())) ? 0 : -1;
 }
 std::streamsize	ofhbuf::xsputn (const char* s, std::streamsize n)
 {
 	// Use heuristic to decide whether to write directly or just use buffer
 	// Write directly only if n >= MIN(4096, available buffer capacity)
 	// (this is similar to what basic_filebuf does)
 	if (n < std::min<std::streamsize>(4096, epptr() - pptr())) {
 		// Not worth it to do a direct write
 		return std::streambuf::xsputn(s, n);
 	}
 	// Before we can do a direct write of this string, we need to flush
 	// out the current contents of the buffer.
 	if (pbase() != pptr()) {
 		overflow(traits_type::eof()); // throws an exception or it succeeds
 	}
 	// Now we can go ahead and write out the string.
 	size_t		bytes_to_write = n;
 	while (bytes_to_write > 0) {
 		const size_t	bytes_written = write_fun(handle, s, bytes_to_write);
 		bytes_to_write -= bytes_written;
 		s += bytes_written;
 	}
 	return n; // Return the total bytes written
 }
 std::streambuf*	ofhbuf::setbuf (char* s, std::streamsize n)
 {
 	if (s == 0 && n == 0) {
 		// Switch to unbuffered
 		// This won't take effect until the next overflow or sync
 		// (We defer it taking effect so that write errors can be properly reported)
 		// To cause it to take effect as soon as possible, we artificially reduce the
 		// size of the buffer so it has no space left.  This will trigger an overflow
 		// on the next put.
 		std::streambuf::setp(pbase(), pptr());
 		std::streambuf::pbump(pptr() - pbase());
 		buffer_size = 1;
 	}
 	return this;
 }
 /*
 * ifhstream
 */
 ifhbuf::ifhbuf (void* arg_handle, size_t (*arg_read_fun)(void*, void*, size_t))
 : handle(arg_handle),
  read_fun(arg_read_fun),
  buffer(new char[default_buffer_size + putback_size]),
  buffer_size(default_buffer_size)
 {
 	reset_buffer(0, 0);
 }
 ifhbuf::~ifhbuf ()
 {
 	delete[] buffer;
 }
 ifhbuf::int_type	ifhbuf::underflow ()
 {
 	if (gptr() >= egptr()) { // A true underflow (no bytes in buffer left to read)
 		// Move the putback_size most-recently-read characters into the putback area
 		size_t		nputback = std::min<size_t>(gptr() - eback(), putback_size);
 		std::memmove(buffer + (putback_size - nputback), gptr() - nputback, nputback);
 		// Now read new characters from the file descriptor
 		const size_t	nread = read_fun(handle, buffer + putback_size, buffer_size);
 		if (nread == 0) {
 			// EOF
 			return traits_type::eof();
 		}
 		// Reset the buffer
 		reset_buffer(nputback, nread);
 	}
 	// Return the next character
 	return traits_type::to_int_type(*gptr());
 }
 std::streamsize	ifhbuf::xsgetn (char* s, std::streamsize n)
 {
 	// Use heuristic to decide whether to read directly
 	// Read directly only if n >= bytes_available + 4096
 	std::streamsize	bytes_available = egptr() - gptr();
 	if (n < bytes_available + 4096) {
 		// Not worth it to do a direct read
 		return std::streambuf::xsgetn(s, n);
 	}
 	std::streamsize	total_bytes_read = 0;
 	// First, copy out the bytes currently in the buffer
 	std::memcpy(s, gptr(), bytes_available);
 	s += bytes_available;
 	n -= bytes_available;
 	total_bytes_read += bytes_available;
 	// Now do the direct read
 	while (n > 0) {
 		const size_t	bytes_read = read_fun(handle, s, n);
 		if (bytes_read == 0) {
 			// EOF
 			break;
 		}
 		s += bytes_read;
 		n -= bytes_read;
 		total_bytes_read += bytes_read;
 	}
 	// Fill up the putback area with the most recently read characters
 	size_t		nputback = std::min<size_t>(total_bytes_read, putback_size);
 	std::memcpy(buffer + (putback_size - nputback), s - nputback, nputback);
 	// Reset the buffer with no bytes available for reading, but with some putback characters
 	reset_buffer(nputback, 0);
 	// Return the total number of bytes read
 	return total_bytes_read;
 }
 std::streambuf*	ifhbuf::setbuf (char* s, std::streamsize n)
 {
 	if (s == 0 && n == 0) {
 		// Switch to unbuffered
 		// This won't take effect until the next underflow (we don't want to
 		// lose what's currently in the buffer!)
 		buffer_size = 1;
 	}
 	return this;
 }
--- a/fhstream.hpp
+++ b/fhstream.hpp
@@ -1,134 +0,0 @@
 /*
 * Copyright (C) 2012, 2015 Andrew Ayer
 *
 * Permission is hereby granted, free of charge, to any person obtaining a
 * copy of this software and associated documentation files (the "Software"),
 * to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
 * and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included
 * in all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
 * Except as contained in this notice, the name(s) of the above copyright
 * holders shall not be used in advertising or otherwise to promote the
 * sale, use or other dealings in this Software without prior written
 * authorization.
 */
 #ifndef GIT_CRYPT_FHSTREAM_HPP
 #define GIT_CRYPT_FHSTREAM_HPP
 #include <ostream>
 #include <istream>
 #include <streambuf>
 /*
 * ofhstream
 */
 class ofhbuf : public std::streambuf {
 	enum { default_buffer_size = 8192 };
 	void*			handle;
 	size_t			(*write_fun)(void*, const void*, size_t);
 	char*			buffer;
 	size_t			buffer_size;
 	inline void reset_buffer ()
 	{
 		std::streambuf::setp(buffer, buffer + buffer_size - 1);
 	}
 	static inline bool is_eof (int_type ch) { return traits_type::eq_int_type(ch, traits_type::eof()); }
 	// Disallow copy
 #if __cplusplus >= 201103L /* C++11 */
 	ofhbuf (const ofhbuf&) = delete;
 	ofhbuf& operator= (const ofhbuf&) = delete;
 #else
 	ofhbuf (const ofhbuf&);
 	ofhbuf& operator= (const ofhbuf&);
 #endif
 protected:
 	virtual int_type	overflow (int_type ch =traits_type::eof());
 	virtual int		sync ();
 	virtual std::streamsize	xsputn (const char*, std::streamsize);
 	virtual	std::streambuf*	setbuf (char*, std::streamsize);
 public:
 	ofhbuf (void*, size_t (*)(void*, const void*, size_t));
 	~ofhbuf (); // WARNING: calls sync() and ignores exceptions
 };
 class ofhstream : public std::ostream {
 	mutable ofhbuf	buf;
 public:
 	ofhstream (void* handle, size_t (*write_fun)(void*, const void*, size_t))
 	: std::ostream(0), buf(handle, write_fun)
 	{
 		std::ostream::rdbuf(&buf);
 	}
 	ofhbuf*	rdbuf () const { return &buf; }
 };
 /*
 * ifhstream
 */
 class ifhbuf : public std::streambuf {
 	enum {
 		default_buffer_size = 8192,
 		putback_size = 4
 	};
 	void*			handle;
 	size_t			(*read_fun)(void*, void*, size_t);
 	char*			buffer;
 	size_t			buffer_size;
 	inline void reset_buffer (size_t nputback, size_t nread)
 	{
 		std::streambuf::setg(buffer + (putback_size - nputback), buffer + putback_size, buffer + putback_size + nread);
 	}
 	// Disallow copy
 #if __cplusplus >= 201103L /* C++11 */
 	ifhbuf (const ifhbuf&) = delete;
 	ifhbuf& operator= (const ifhbuf&) = delete;
 #else
 	ifhbuf (const ifhbuf&);
 	ifhbuf& operator= (const ifhbuf&);
 #endif
 protected:
 	virtual int_type	underflow ();
 	virtual std::streamsize	xsgetn (char*, std::streamsize);
 	virtual	std::streambuf*	setbuf (char*, std::streamsize);
 public:
 	ifhbuf (void*, size_t (*)(void*, void*, size_t));
 	~ifhbuf (); // Can't fail
 };
 class ifhstream : public std::istream {
 	mutable ifhbuf	buf;
 public:
 	explicit ifhstream (void* handle, size_t (*read_fun)(void*, void*, size_t))
 	: std::istream(0), buf(handle, read_fun)
 	{
 		std::istream::rdbuf(&buf);
 	}
 	ifhbuf*	rdbuf () const { return &buf; }
 };
 #endif
--- a/git-crypt.hpp
+++ b/git-crypt.hpp
@@ -31,7 +31,7 @@
 #ifndef GIT_CRYPT_GIT_CRYPT_HPP
 #define GIT_CRYPT_GIT_CRYPT_HPP
-#define VERSION "0.8.0"
+#define VERSION "0.4.2"
 extern const char*	argv0;	// initialized in main() to argv[0]
--- a/gpg.cpp
+++ b/gpg.cpp
@@ -30,18 +30,8 @@
 #include "gpg.hpp"
 #include "util.hpp"
 #include "commands.hpp"
 #include <sstream>
 static std::string gpg_get_executable()
 {
 	std::string gpgbin = "gpg";
 	try {
 		gpgbin = get_git_config("gpg.program");
 	} catch (...) {
 	}
 	return gpgbin;
 }
 static std::string gpg_nth_column (const std::string& line, unsigned int col)
 {
 	std::string::size_type	pos = 0;
@@ -61,12 +51,18 @@ static std::string gpg_nth_column (const std::string& line, unsigned int col)
 	       line.substr(pos);
 }
 // given a key fingerprint, return the last 8 nibbles
 std::string gpg_shorten_fingerprint (const std::string& fingerprint)
 {
 	return fingerprint.size() == 40 ? fingerprint.substr(32) : fingerprint;
 }
 // given a key fingerprint, return the key's UID (e.g. "John Smith <jsmith@example.com>")
 std::string gpg_get_uid (const std::string& fingerprint)
 {
 	// gpg --batch --with-colons --fixed-list-mode --list-keys 0x7A399B2DB06D039020CD1CE1D0F3702D61489532
 	std::vector<std::string>	command;
-	command.push_back(gpg_get_executable());
+	command.push_back("gpg");
 	command.push_back("--batch");
 	command.push_back("--with-colons");
 	command.push_back("--fixed-list-mode");
@@ -98,7 +94,7 @@ std::vector<std::string> gpg_lookup_key (const std::string& query)
 	// gpg --batch --with-colons --fingerprint --list-keys jsmith@example.com
 	std::vector<std::string>	command;
-	command.push_back(gpg_get_executable());
+	command.push_back("gpg");
 	command.push_back("--batch");
 	command.push_back("--with-colons");
 	command.push_back("--fingerprint");
@@ -106,15 +102,10 @@ std::vector<std::string> gpg_lookup_key (const std::string& query)
 	command.push_back(query);
 	std::stringstream		command_output;
 	if (successful_exit(exec_command(command, command_output))) {
 		bool			is_pubkey = false;
 		while (command_output.peek() != -1) {
 			std::string		line;
 			std::getline(command_output, line);
-			if (line.substr(0, 4) == "pub:") {
+			if (line.substr(0, 4) == "fpr:") {
 				is_pubkey = true;
 			} else if (line.substr(0, 4) == "sub:") {
 				is_pubkey = false;
 			} else if (is_pubkey && line.substr(0, 4) == "fpr:") {
 				// fpr:::::::::7A399B2DB06D039020CD1CE1D0F3702D61489532:
 				// want the 9th column (counting from 0)
 				fingerprints.push_back(gpg_nth_column(line, 9));
@@ -129,7 +120,7 @@ std::vector<std::string> gpg_list_secret_keys ()
 {
 	// gpg --batch --with-colons --list-secret-keys --fingerprint
 	std::vector<std::string>	command;
-	command.push_back(gpg_get_executable());
+	command.push_back("gpg");
 	command.push_back("--batch");
 	command.push_back("--with-colons");
 	command.push_back("--list-secret-keys");
@@ -154,16 +145,12 @@ std::vector<std::string> gpg_list_secret_keys ()
 	return secret_keys;
 }
-void gpg_encrypt_to_file (const std::string& filename, const std::string& recipient_fingerprint, bool key_is_trusted, const char* p, size_t len)
+void gpg_encrypt_to_file (const std::string& filename, const std::string& recipient_fingerprint, const char* p, size_t len)
 {
 	// gpg --batch -o FILENAME -r RECIPIENT -e
 	std::vector<std::string>	command;
-	command.push_back(gpg_get_executable());
+	command.push_back("gpg");
 	command.push_back("--batch");
 	if (key_is_trusted) {
 		command.push_back("--trust-model");
 		command.push_back("always");
 	}
 	command.push_back("-o");
 	command.push_back(filename);
 	command.push_back("-r");
@@ -178,7 +165,7 @@ void gpg_decrypt_from_file (const std::string& filename, std::ostream& output)
 {
 	// gpg -q -d FILENAME
 	std::vector<std::string>	command;
-	command.push_back(gpg_get_executable());
+	command.push_back("gpg");
 	command.push_back("-q");
 	command.push_back("-d");
 	command.push_back(filename);
--- a/gpg.hpp
+++ b/gpg.hpp
@@ -41,10 +41,11 @@ struct Gpg_error {
 	explicit Gpg_error (std::string m) : message(m) { }
 };
 std::string			gpg_shorten_fingerprint (const std::string& fingerprint);
 std::string			gpg_get_uid (const std::string& fingerprint);
 std::vector<std::string>	gpg_lookup_key (const std::string& query);
 std::vector<std::string>	gpg_list_secret_keys ();
-void				gpg_encrypt_to_file (const std::string& filename, const std::string& recipient_fingerprint, bool key_is_trusted, const char* p, size_t len);
+void				gpg_encrypt_to_file (const std::string& filename, const std::string& recipient_fingerprint, const char* p, size_t len);
 void				gpg_decrypt_from_file (const std::string& filename, std::ostream&);
 #endif
--- a/man/git-crypt.xml
+++ b/man/git-crypt.xml
@@ -1,493 +0,0 @@
 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <refentry>
 	<!--
 		Copyright (c) 2015 Andrew Ayer
 		See COPYING file for license information.
 	-->
 	<refentryinfo>
 		<title>git-crypt</title>
 		<date>2022-04-21</date>
 		<productname>git-crypt 0.8.0</productname>
 		<author>
 			<othername>Andrew Ayer</othername>
 			<contrib></contrib>
 			<email>agwa@andrewayer.name</email>
 			<uri>https://www.agwa.name</uri>
 		</author>
 	</refentryinfo>
 	<refmeta>
 		<refentrytitle>git-crypt</refentrytitle>
 		<manvolnum>1</manvolnum>
 	</refmeta>
 	<refnamediv>
 		<refname>git-crypt</refname>
 		<refpurpose>transparent file encryption in Git</refpurpose>
 	</refnamediv>
 	<refsynopsisdiv>
 		<cmdsynopsis>
 			<command>git-crypt <arg choice="opt"><replaceable>OPTIONS</replaceable></arg> <arg choice="plain"><replaceable>COMMAND</replaceable></arg> <arg choice="opt" rep="repeat"><replaceable>ARGS</replaceable></arg></command>
 		</cmdsynopsis>
 	</refsynopsisdiv>
 	<refsynopsisdiv>
 		<title>Common commands</title>
 		<cmdsynopsis>
 			<command>git-crypt init</command>
 		</cmdsynopsis>
 		<cmdsynopsis>
 			<command>git-crypt status</command>
 		</cmdsynopsis>
 		<cmdsynopsis>
 			<command>git-crypt lock</command>
 		</cmdsynopsis>
 	</refsynopsisdiv>
 	<refsynopsisdiv>
 		<title>GPG commands</title>
 		<cmdsynopsis>
 			<command>git-crypt add-gpg-user <arg choice="plain"><replaceable>GPG_USER_ID</replaceable></arg></command>
 		</cmdsynopsis>
 		<cmdsynopsis>
 			<command>git-crypt unlock</command>
 		</cmdsynopsis>
 	</refsynopsisdiv>
 	<refsynopsisdiv>
 		<title>Symmetric key commands</title>
 		<cmdsynopsis>
 			<command>git-crypt export-key <arg choice="plain"><replaceable>OUTPUT_KEY_FILE</replaceable></arg></command>
 		</cmdsynopsis>
 		<cmdsynopsis>
 			<command>git-crypt unlock <arg choice="plain"><replaceable>KEY_FILE</replaceable></arg></command>
 		</cmdsynopsis>
 	</refsynopsisdiv>
 	<refsect1>
 		<title>Description</title>
 		<para>
 			<command>git-crypt</command> enables transparent encryption and decryption
 			of files in a git repository. Files which you choose to protect are encrypted when committed,
 			and decrypted when checked out. git-crypt lets you freely share a repository containing a mix of
 			public and private content. git-crypt gracefully degrades, so developers without the secret key
 			can still clone and commit to a repository with encrypted files. This lets you store your secret
 			material (such as keys or passwords) in the same repository as your code, without requiring you
 			to lock down your entire repository.  
 		</para>
 	</refsect1>
 	<refsect1>
 		<title>Commands</title>
 		<para>
 			<command>git-crypt</command> is logically divided into several sub-commands which
 			perform distinct tasks.  Each sub-command, and its arguments,
 			are documented below.  Note that arguments and options to sub-commands must be
 			specified on the command line <emphasis>after</emphasis> the name of the sub-command.
 		</para>
 		<variablelist>
 			<varlistentry>
 				<term><option>init <arg choice="opt"><replaceable>OPTIONS</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Generate a key and prepare the current Git repository to use git-crypt.
 					</para>
 					<para>
 						The following options are understood:
 					</para>
 					<variablelist>
 						<varlistentry>
 							<term><option>-k</option> <replaceable>KEY_NAME</replaceable></term>
 							<term><option>--key-name</option> <replaceable>KEY_NAME</replaceable></term>
 							<listitem>
 								<para>
 									Initialize the given key instead of the default key.  git-crypt
 									supports multiple keys per repository, allowing you to share
 									different files with different sets of collaborators.
 								</para>
 							</listitem>
 						</varlistentry>
 					</variablelist>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>status <arg choice="opt"><replaceable>OPTIONS</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Display a list of files in the repository, with their status (encrypted or unencrypted).
 					</para>
 					<para>
 						The following options are understood:
 					</para>
 					<variablelist>
 						<varlistentry>
 							<term><option>-e</option></term>
 							<listitem>
 								<para>
 									Show only encrypted files.
 								</para>
 							</listitem>
 						</varlistentry>
 						<varlistentry>
 							<term><option>-u</option></term>
 							<listitem>
 								<para>
 									Show only unencrypted files.
 								</para>
 							</listitem>
 						</varlistentry>
 						<varlistentry>
 							<term><option>-f</option></term>
 							<term><option>--fix</option></term>
 							<listitem>
 								<para>
 									Encrypt files that should be encrypted but were
 									committed to the repository or added to the index
 									without encryption.  (This can happen if a file
 									is added before git-crypt is initialized or before
 									the file is added to the gitattributes file.)
 								</para>
 							</listitem>
 						</varlistentry>
 					</variablelist>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>add-gpg-user <arg choice="opt"><replaceable>OPTIONS</replaceable></arg> <arg choice="plain" rep="repeat"><replaceable>GPG_USER_ID</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Add the users with the given GPG user IDs as collaborators.  Specifically,
 						git-crypt uses <citerefentry><refentrytitle>gpg</refentrytitle><manvolnum>1</manvolnum></citerefentry>
 						to encrypt the shared symmetric key
 						to the public keys of each GPG user ID, and stores the GPG-encrypted
 						keys in the <filename>.git-crypt</filename> directory at the root of the repository.
 					</para>
 					<para>
 						<replaceable>GPG_USER_ID</replaceable> can be a key ID, a full fingerprint, an email address, or anything
 						else that uniquely identifies a public key to GPG (see "HOW TO SPECIFY
 						A USER ID" in the <citerefentry><refentrytitle>gpg</refentrytitle><manvolnum>1</manvolnum></citerefentry>
 						man page).
 					</para>
 					<para>
 						The following options are understood:
 					</para>
 					<variablelist>
 						<varlistentry>
 							<term><option>-k</option> <replaceable>KEY_NAME</replaceable></term>
 							<term><option>--key-name</option> <replaceable>KEY_NAME</replaceable></term>
 							<listitem>
 								<para>
 									Grant access to the given key, rather than the default key.
 								</para>
 							</listitem>
 						</varlistentry>
 						<varlistentry>
 							<term><option>-n</option></term>
 							<term><option>--no-commit</option></term>
 							<listitem>
 								<para>
 									Don't automatically commit the changes to the <filename>.git-crypt</filename>
 									directory.
 								</para>
 							</listitem>
 						</varlistentry>
 						<varlistentry>
 							<term><option>--trusted</option></term>
 							<listitem>
 								<para>
 									Assume that the GPG keys specified on the command line are trusted;
 									i.e. they actually belong to the users that they claim to belong to.
 								</para>
 								<para>
 									Without this option, git-crypt uses the same trust model as GPG,
 									which is based on the Web of Trust by default.  Under this
 									model, git-crypt will reject GPG keys that do not have
 									trusted signatures.
 								</para>
 								<para>
 									If you don't want to use the Web of Trust, you can either change
 									GPG's trust model by setting the <option>trust-model</option>
 									option in <filename>~/.gnupg/gpg.conf</filename> (see
 									<citerefentry><refentrytitle>gpg</refentrytitle><manvolnum>1</manvolnum></citerefentry>),
 									or use the <option>--trusted</option> option to <command>add-gpg-user</command>
 									on a case-by-case basis.
 								</para>
 							</listitem>
 						</varlistentry>
 					</variablelist>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>unlock <!--<arg choice="opt"><replaceable>OPTIONS</replaceable></arg> --><arg choice="opt" rep="repeat"><replaceable>KEY_FILE</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Decrypt the repository.  If one or more key files are specified on the command line,
 						git-crypt attempts to decrypt using those shared symmetric keys.  If no key files
 						are specified, git-crypt attempts to decrypt using a GPG-encrypted key stored in
 						the repository's .git-crypt directory.
 					</para>
 					<para>
 						This command takes no options.
 					</para>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>export-key <arg choice="opt"><replaceable>OPTIONS</replaceable></arg> <arg choice="plain"><replaceable>FILENAME</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Export the repository's shared symmetric key to the given file.
 					</para>
 					<para>
 						The following options are understood:
 					</para>
 					<variablelist>
 						<varlistentry>
 							<term><option>-k</option> <replaceable>KEY_NAME</replaceable></term>
 							<term><option>--key-name</option> <replaceable>KEY_NAME</replaceable></term>
 							<listitem>
 								<para>
 									Export the given key, rather than the default key.
 								</para>
 							</listitem>
 						</varlistentry>
 					</variablelist>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>help <arg choice="opt"><replaceable>COMMAND</replaceable></arg></option></term>
 				<listitem>
 					<para>
 						Display help for the given <arg choice="plain"><replaceable>COMMAND</replaceable></arg>,
 						or an overview of all commands if no command is specified.
 					</para>
 				</listitem>
 			</varlistentry>
 			<varlistentry>
 				<term><option>version</option></term>
 				<listitem>
 					<para>
 						Print the currently-installed version of <command>git-crypt</command>.
 						The format of the output is always "git-crypt", followed by a space,
 						followed by the dotted version number.
 					</para>
 				</listitem>
 			</varlistentry>
 		</variablelist>
 	</refsect1>
 	<refsect1>
 		<title>Using git-crypt</title>
 		<para>
 			First, you prepare a repository to use git-crypt by running <command>git-crypt init</command>.
 		</para>
 		<para>
 			Then, you specify the files to encrypt by creating a
 			<citerefentry><refentrytitle>gitattributes</refentrytitle><manvolnum>5</manvolnum></citerefentry> file.
 			Each file which you want to encrypt should be assigned the "<literal>filter=git-crypt diff=git-crypt</literal>"
 			attributes.  For example:
 		</para>
 		<screen>secretfile filter=git-crypt diff=git-crypt&#10;*.key filter=git-crypt diff=git-crypt</screen>
 		<para>
 			Like a <filename>.gitignore</filename> file, <filename>.gitattributes</filename> files can match wildcards and
 			should be checked into the repository.  Make sure you don't accidentally encrypt the
 			<filename>.gitattributes</filename> file itself (or other git files like <filename>.gitignore</filename>
 			or <filename>.gitmodules</filename>).  Make sure your <filename>.gitattributes</filename> rules
 			are in place <emphasis>before</emphasis> you add sensitive files, or those files won't be encrypted!
 		</para>
 		<para>
 			To share the repository with others (or with yourself) using GPG, run:
 		</para>
 		<screen>git-crypt add-gpg-user <replaceable>GPG_USER_ID</replaceable></screen>
 		<para>
 			<replaceable>GPG_USER_ID</replaceable> can be a key ID, a full fingerprint, an email address, or anything
 			else that uniquely identifies a public key to GPG.  Note: <command>git-crypt add-gpg-user</command> will
 			add and commit a GPG-encrypted key file in the <filename>.git-crypt</filename> directory of
 			the root of your repository.
 		</para>
 		<para>
 			Alternatively, you can export a symmetric secret key, which you must
 			securely convey to collaborators (GPG is not required, and no files
 			are added to your repository):
 		</para>
 		<screen>git-crypt export-key <replaceable>/path/to/key</replaceable></screen>
 		<para>
 			After cloning a repository with encrypted files, unlock with with GPG:
 		</para>
 		<screen>git-crypt unlock</screen>
 		<para>
 			Or with a symmetric key:
 		</para>
 		<screen>git-crypt unlock /path/to/key</screen>
 		<para>
 			That's all you need to do - after git-crypt is set up (either with
 			<command>git-crypt init</command> or <command>git-crypt unlock</command>),
 			you can use git normally - encryption and decryption happen transparently.
 		</para>
 	</refsect1>
 	<refsect1>
 		<title>The .gitattributes file</title>
 		<para>
 			The <filename>.gitattributes</filename> file is documented in
 			<citerefentry><refentrytitle>gitattributes</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
 			The file pattern format is the same as the one used by <filename>.gitignore</filename>,
 			as documented in <citerefentry><refentrytitle>gitignore</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
 			with the exception that specifying merely a directory (e.g. "<literal>/dir/</literal>")
 			is <emphasis>not</emphasis> sufficient to encrypt all files beneath it.
 		</para>
 		<para>
 			Also note that the pattern "<literal>dir/*</literal>" does not match files under
 			sub-directories of dir/.  To encrypt an entire sub-tree dir/, place the
 			following in <filename>dir/.gitattributes</filename>:
 		</para>
 		<screen>* filter=git-crypt diff=git-crypt&#10;.gitattributes !filter !diff</screen>
 		<para>
 			The second pattern is essential for ensuring that <filename>.gitattributes</filename> itself
 			is not encrypted.
 		</para>
 	</refsect1>
 	<refsect1>
 		<title>Multiple Key Support</title>
 		<para>
 			In addition to the implicit default key, git-crypt supports alternative
 			keys which can be used to encrypt specific files and can be shared with
 			specific GPG users.  This is useful if you want to grant different
 			collaborators access to different sets of files.
 		</para>
 		<para>
 			To generate an alternative key named <replaceable>KEYNAME</replaceable>,
 			pass the <command>-k <replaceable>KEYNAME</replaceable></command>
 			option to <command>git-crypt init</command> as follows:
 		</para>
 		<screen>git-crypt init -k <replaceable>KEYNAME</replaceable></screen>
 		<para>
 			To encrypt a file with an alternative key, use the <literal>git-crypt-<replaceable>KEYNAME</replaceable></literal>
 			filter in <filename>.gitattributes</filename> as follows:
 		</para>
 		<screen><replaceable>secretfile</replaceable> filter=git-crypt-<replaceable>KEYNAME</replaceable> diff=git-crypt-<replaceable>KEYNAME</replaceable></screen>
 		<para>
 			To export an alternative key or share it with a GPG user, pass the
 			<command>-k <replaceable>KEYNAME</replaceable></command> option to
 			<command>git-crypt export-key</command> or <command>git-crypt add-gpg-user</command>
 			as follows:
 		</para>
 		<screen>git-crypt export-key -k <replaceable>KEYNAME</replaceable> <filename><replaceable>/path/to/keyfile</replaceable></filename>&#10;git-crypt add-gpg-user -k <replaceable>KEYNAME</replaceable> <replaceable>GPG_USER_ID</replaceable></screen>
 		<para>
 			To unlock a repository with an alternative key, use <command>git-crypt unlock</command>
 			normally.  git-crypt will automatically determine which key is being used.
 		</para>
 	</refsect1>
 	<!--
 	<refsect1>
 		<title>Global options</title>
 		<para>
 			The following options are understood by <command>git-crypt</command> and can
 			be used with any sub-command.  Since they apply globally
 			to <command>git-crypt</command>, they must be specified on the command line
 			<emphasis>before</emphasis> the sub-command name.
 		</para>
 		<variablelist>
 		</variablelist>
 	</refsect1>
 	-->
 	<!--
 	<refsect1>
 		<title>Files</title>
 		<variablelist>
 			<varlistentry>
 				<term><filename>/path/to/file</filename></term>
 				<listitem><para>Description.</para></listitem>
 			</varlistentry>
 		</variablelist>
 	</refsect1>
 	-->
 	<!--
 	<refsect1>
 		<title>Environment Variables</title>
 		<variablelist class='environment-variables'>
 			<varlistentry>
 				<term><varname>NAME</varname></term>
 				<listitem>
 					<para>Description.</para>
 				</listitem>
 			</varlistentry>
 		</variablelist>
 	</refsect1>
 	-->
 	<!-- TODO: examples section
 	<refsect1>
 		<title>Examples</title>
 		<para>Hello world?</para>
 	</refsect1>
 	-->
 	<refsect1>
 		<title>See Also</title>
 		<para>
 			<citerefentry><refentrytitle>git</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
 			<citerefentry><refentrytitle>gitattributes</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
 			<ulink url="https://www.agwa.name/projects/git-crypt">git-crypt home page</ulink>,
 			<ulink url="https://github.com/AGWA/git-crypt">GitHub repository</ulink>
 		</para>
 	</refsect1>
 </refentry>
--- a/man/man1/.gitignore
+++ b/man/man1/.gitignore
@@ -1 +0,0 @@
 git-crypt.1
--- a/parse_options.cpp
+++ b/parse_options.cpp
@@ -1,28 +1,31 @@
 /*
 * Copyright 2014 Andrew Ayer
 *
- * Permission is hereby granted, free of charge, to any person obtaining a
+ * This file is part of git-crypt.
 * copy of this software and associated documentation files (the "Software"),
 * to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
 * and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
- * The above copyright notice and this permission notice shall be included
+ * git-crypt is free software: you can redistribute it and/or modify
- * in all copies or substantial portions of the Software.
+ * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * git-crypt is distributed in the hope that it will be useful,
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * GNU General Public License for more details.
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
- * Except as contained in this notice, the name(s) of the above copyright
+ * You should have received a copy of the GNU General Public License
- * holders shall not be used in advertising or otherwise to promote the
+ * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
- * sale, use or other dealings in this Software without prior written
+ *
- * authorization.
+ * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #include "parse_options.hpp"
@@ -43,7 +46,7 @@ int parse_options (const Options_list& options, int argc, const char** argv)
 {
 	int	argi = 0;
-	while (argi < argc && argv[argi][0] == '-' && argv[argi][1] != '\0') {
+	while (argi < argc && argv[argi][0] == '-') {
 		if (std::strcmp(argv[argi], "--") == 0) {
 			++argi;
 			break;
--- a/parse_options.hpp
+++ b/parse_options.hpp
@@ -1,28 +1,31 @@
 /*
 * Copyright 2014 Andrew Ayer
 *
- * Permission is hereby granted, free of charge, to any person obtaining a
+ * This file is part of git-crypt.
 * copy of this software and associated documentation files (the "Software"),
 * to deal in the Software without restriction, including without limitation
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
 * and/or sell copies of the Software, and to permit persons to whom the
 * Software is furnished to do so, subject to the following conditions:
 *
- * The above copyright notice and this permission notice shall be included
+ * git-crypt is free software: you can redistribute it and/or modify
- * in all copies or substantial portions of the Software.
+ * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * git-crypt is distributed in the hope that it will be useful,
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+ * GNU General Public License for more details.
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
 * OTHER DEALINGS IN THE SOFTWARE.
 *
- * Except as contained in this notice, the name(s) of the above copyright
+ * You should have received a copy of the GNU General Public License
- * holders shall not be used in advertising or otherwise to promote the
+ * along with git-crypt.  If not, see <http://www.gnu.org/licenses/>.
- * sale, use or other dealings in this Software without prior written
+ *
- * authorization.
+ * Additional permission under GNU GPL version 3 section 7:
 *
 * If you modify the Program, or any covered work, by linking or
 * combining it with the OpenSSL project's OpenSSL library (or a
 * modified version of that library), containing parts covered by the
 * terms of the OpenSSL or SSLeay licenses, the licensors of the Program
 * grant you additional permission to convey the resulting work.
 * Corresponding Source for a non-source form of such a combination
 * shall include the source code for the parts of OpenSSL used as well
 * as that of the covered work.
 */
 #ifndef PARSE_OPTIONS_HPP
--- a/util-unix.cpp
+++ b/util-unix.cpp
@@ -43,8 +43,6 @@
 #include <vector>
 #include <string>
 #include <cstring>
 #include <cstddef>
 #include <algorithm>
 std::string System_error::message () const
 {
@@ -125,38 +123,171 @@ void	mkdir_parent (const std::string& path)
 	}
 }
 static std::string readlink (const char* pathname)
 {
 	std::vector<char>	buffer(64);
 	ssize_t			len;
 	while ((len = ::readlink(pathname, &buffer[0], buffer.size())) == static_cast<ssize_t>(buffer.size())) {
 		// buffer may have been truncated - grow and try again
 		buffer.resize(buffer.size() * 2);
 	}
 	if (len == -1) {
 		throw System_error("readlink", pathname, errno);
 	}
 	return std::string(buffer.begin(), buffer.begin() + len);
 }
 std::string our_exe_path ()
 {
-	if (argv0[0] == '/') {
+	try {
-		// argv[0] starts with / => it's an absolute path
+		return readlink("/proc/self/exe");
-		return argv0;
+	} catch (const System_error&) {
-	} else if (std::strchr(argv0, '/')) {
+		if (argv0[0] == '/') {
-		// argv[0] contains / => it a relative path that should be resolved
+			// argv[0] starts with / => it's an absolute path
-		char*		resolved_path_p = realpath(argv0, nullptr);
+			return argv0;
-		std::string	resolved_path(resolved_path_p);
+		} else if (std::strchr(argv0, '/')) {
-		free(resolved_path_p);
+			// argv[0] contains / => it a relative path that should be resolved
-		return resolved_path;
+			char*		resolved_path_p = realpath(argv0, NULL);
-	} else {
+			std::string	resolved_path(resolved_path_p);
-		// argv[0] is just a bare filename => not much we can do
+			free(resolved_path_p);
-		return argv0;
+			return resolved_path;
 		} else {
 			// argv[0] is just a bare filename => not much we can do
 			return argv0;
 		}
 	}
 }
-int	exit_status (int wait_status)
+static int execvp (const std::string& file, const std::vector<std::string>& args)
 {
-	return wait_status != -1 && WIFEXITED(wait_status) ? WEXITSTATUS(wait_status) : -1;
+	std::vector<const char*>	args_c_str;
 	args_c_str.reserve(args.size());
 	for (std::vector<std::string>::const_iterator arg(args.begin()); arg != args.end(); ++arg) {
 		args_c_str.push_back(arg->c_str());
 	}
 	args_c_str.push_back(NULL);
 	return execvp(file.c_str(), const_cast<char**>(&args_c_str[0]));
 }
 int exec_command (const std::vector<std::string>& command)
 {
 	pid_t		child = fork();
 	if (child == -1) {
 		throw System_error("fork", "", errno);
 	}
 	if (child == 0) {
 		execvp(command[0], command);
 		perror(command[0].c_str());
 		_exit(-1);
 	}
 	int		status = 0;
 	if (waitpid(child, &status, 0) == -1) {
 		throw System_error("waitpid", "", errno);
 	}
 	return status;
 }
 int exec_command (const std::vector<std::string>& command, std::ostream& output)
 {
 	int		pipefd[2];
 	if (pipe(pipefd) == -1) {
 		throw System_error("pipe", "", errno);
 	}
 	pid_t		child = fork();
 	if (child == -1) {
 		int	fork_errno = errno;
 		close(pipefd[0]);
 		close(pipefd[1]);
 		throw System_error("fork", "", fork_errno);
 	}
 	if (child == 0) {
 		close(pipefd[0]);
 		if (pipefd[1] != 1) {
 			dup2(pipefd[1], 1);
 			close(pipefd[1]);
 		}
 		execvp(command[0], command);
 		perror(command[0].c_str());
 		_exit(-1);
 	}
 	close(pipefd[1]);
 	char		buffer[1024];
 	ssize_t		bytes_read;
 	while ((bytes_read = read(pipefd[0], buffer, sizeof(buffer))) > 0) {
 		output.write(buffer, bytes_read);
 	}
 	if (bytes_read == -1) {
 		int	read_errno = errno;
 		close(pipefd[0]);
 		throw System_error("read", "", read_errno);
 	}
 	close(pipefd[0]);
 	int		status = 0;
 	if (waitpid(child, &status, 0) == -1) {
 		throw System_error("waitpid", "", errno);
 	}
 	return status;
 }
 int exec_command_with_input (const std::vector<std::string>& command, const char* p, size_t len)
 {
 	int		pipefd[2];
 	if (pipe(pipefd) == -1) {
 		throw System_error("pipe", "", errno);
 	}
 	pid_t		child = fork();
 	if (child == -1) {
 		int	fork_errno = errno;
 		close(pipefd[0]);
 		close(pipefd[1]);
 		throw System_error("fork", "", fork_errno);
 	}
 	if (child == 0) {
 		close(pipefd[1]);
 		if (pipefd[0] != 0) {
 			dup2(pipefd[0], 0);
 			close(pipefd[0]);
 		}
 		execvp(command[0], command);
 		perror(command[0].c_str());
 		_exit(-1);
 	}
 	close(pipefd[0]);
 	while (len > 0) {
 		ssize_t	bytes_written = write(pipefd[1], p, len);
 		if (bytes_written == -1) {
 			int	write_errno = errno;
 			close(pipefd[1]);
 			throw System_error("write", "", write_errno);
 		}
 		p += bytes_written;
 		len -= bytes_written;
 	}
 	close(pipefd[1]);
 	int		status = 0;
 	if (waitpid(child, &status, 0) == -1) {
 		throw System_error("waitpid", "", errno);
 	}
 	return status;
 }
 bool successful_exit (int status)
 {
 	return status != -1 && WIFEXITED(status) && WEXITSTATUS(status) == 0;
 }
 void	touch_file (const std::string& filename)
 {
-	if (utimes(filename.c_str(), nullptr) == -1 && errno != ENOENT) {
+	if (utimes(filename.c_str(), NULL) == -1) {
 		throw System_error("utimes", filename, errno);
 	}
 }
 void	remove_file (const std::string& filename)
 {
-	if (unlink(filename.c_str()) == -1 && errno != ENOENT) {
+	if (unlink(filename.c_str()) == -1) {
 		throw System_error("unlink", filename, errno);
 	}
 }
@@ -179,38 +310,25 @@ int util_rename (const char* from, const char* to)
 	return rename(from, to);
 }
 static int dirfilter (const struct dirent* ent)
 {
 	// filter out . and ..
 	return std::strcmp(ent->d_name, ".") != 0 && std::strcmp(ent->d_name, "..") != 0;
 }
 std::vector<std::string> get_directory_contents (const char* path)
 {
-	std::vector<std::string>		contents;
+	struct dirent**		namelist;
-
+	int			n = scandir(path, &namelist, dirfilter, alphasort);
-	DIR*					dir = opendir(path);
+	if (n == -1) {
-	if (!dir) {
+		throw System_error("scandir", path, errno);
 		throw System_error("opendir", path, errno);
 	}
-	try {
+	std::vector<std::string>	contents(n);
-		errno = 0;
+	for (int i = 0; i < n; ++i) {
-		// Note: readdir is reentrant in new implementations. In old implementations,
+		contents[i] = namelist[i]->d_name;
-		// it might not be, but git-crypt isn't multi-threaded so that's OK.
+		free(namelist[i]);
 		// We don't use readdir_r because it's buggy and deprecated:
 		//  https://womble.decadent.org.uk/readdir_r-advisory.html
 		//  http://austingroupbugs.net/view.php?id=696
 		//  http://man7.org/linux/man-pages/man3/readdir_r.3.html
 		while (struct dirent* ent = readdir(dir)) {
 			if (!(std::strcmp(ent->d_name, ".") == 0 || std::strcmp(ent->d_name, "..") == 0)) {
 				contents.push_back(ent->d_name);
 			}
 		}
 		if (errno) {
 			throw System_error("readdir", path, errno);
 		}
 	} catch (...) {
 		closedir(dir);
 		throw;
 	}
-	closedir(dir);
+	free(namelist);
 	std::sort(contents.begin(), contents.end());
 	return contents;
 }
--- a/util-win32.cpp
+++ b/util-win32.cpp
@@ -46,12 +46,12 @@ std::string System_error::message () const
 		LPTSTR	error_message;
 		FormatMessageA(
 			FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
-			nullptr,
+			NULL,
 			error,
 			MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
 			reinterpret_cast<LPTSTR>(&error_message),
 			0,
-			nullptr);
+			NULL);
 		mesg += error_message;
 		LocalFree(error_message);
 	}
@@ -100,7 +100,7 @@ void	mkdir_parent (const std::string& path)
 		std::string		prefix(path.substr(0, slash));
 		if (GetFileAttributes(prefix.c_str()) == INVALID_FILE_ATTRIBUTES) {
 			// prefix does not exist, so try to create it
-			if (!CreateDirectory(prefix.c_str(), nullptr)) {
+			if (!CreateDirectory(prefix.c_str(), NULL)) {
 				throw System_error("CreateDirectory", prefix, GetLastError());
 			}
 		}
@@ -114,7 +114,7 @@ std::string our_exe_path ()
 	std::vector<char>	buffer(128);
 	size_t			len;
-	while ((len = GetModuleFileNameA(nullptr, &buffer[0], buffer.size())) == buffer.size()) {
+	while ((len = GetModuleFileNameA(NULL, &buffer[0], buffer.size())) == buffer.size()) {
 		// buffer may have been truncated - grow and try again
 		buffer.resize(buffer.size() * 2);
 	}
@@ -125,28 +125,214 @@ std::string our_exe_path ()
 	return std::string(buffer.begin(), buffer.begin() + len);
 }
-int exit_status (int status)
+static void escape_cmdline_argument (std::string& cmdline, const std::string& arg)
 {
-	return status;
+	// For an explanation of Win32's arcane argument quoting rules, see:
 	//  http://msdn.microsoft.com/en-us/library/17w5ykft%28v=vs.85%29.aspx
 	//  http://msdn.microsoft.com/en-us/library/bb776391%28v=vs.85%29.aspx
 	//  http://blogs.msdn.com/b/twistylittlepassagesallalike/archive/2011/04/23/everyone-quotes-arguments-the-wrong-way.aspx
 	//  http://blogs.msdn.com/b/oldnewthing/archive/2010/09/17/10063629.aspx
 	cmdline.push_back('"');
 	std::string::const_iterator	p(arg.begin());
 	while (p != arg.end()) {
 		if (*p == '"') {
 			cmdline.push_back('\\');
 			cmdline.push_back('"');
 			++p;
 		} else if (*p == '\\') {
 			unsigned int	num_backslashes = 0;
 			while (p != arg.end() && *p == '\\') {
 				++num_backslashes;
 				++p;
 			}
 			if (p == arg.end() || *p == '"') {
 				// Backslashes need to be escaped
 				num_backslashes *= 2;
 			}
 			while (num_backslashes--) {
 				cmdline.push_back('\\');
 			}
 		} else {
 			cmdline.push_back(*p++);
 		}
 	}
 	cmdline.push_back('"');
 }
 static std::string format_cmdline (const std::vector<std::string>& command)
 {
 	std::string		cmdline;
 	for (std::vector<std::string>::const_iterator arg(command.begin()); arg != command.end(); ++arg) {
 		if (arg != command.begin()) {
 			cmdline.push_back(' ');
 		}
 		escape_cmdline_argument(cmdline, *arg);
 	}
 	return cmdline;
 }
 static int wait_for_child (HANDLE child_handle)
 {
 	if (WaitForSingleObject(child_handle, INFINITE) == WAIT_FAILED) {
 		throw System_error("WaitForSingleObject", "", GetLastError());
 	}
 	DWORD			exit_code;
 	if (!GetExitCodeProcess(child_handle, &exit_code)) {
 		throw System_error("GetExitCodeProcess", "", GetLastError());
 	}
 	return exit_code;
 }
 static HANDLE spawn_command (const std::vector<std::string>& command, HANDLE stdin_handle, HANDLE stdout_handle, HANDLE stderr_handle)
 {
 	PROCESS_INFORMATION	proc_info;
 	ZeroMemory(&proc_info, sizeof(proc_info));
 	STARTUPINFO		start_info;
 	ZeroMemory(&start_info, sizeof(start_info));
 	start_info.cb = sizeof(STARTUPINFO);
 	start_info.hStdInput = stdin_handle ? stdin_handle : GetStdHandle(STD_INPUT_HANDLE);
 	start_info.hStdOutput = stdout_handle ? stdout_handle : GetStdHandle(STD_OUTPUT_HANDLE);
 	start_info.hStdError = stderr_handle ? stderr_handle : GetStdHandle(STD_ERROR_HANDLE);
 	start_info.dwFlags |= STARTF_USESTDHANDLES;
 	std::string		cmdline(format_cmdline(command));
 	if (!CreateProcessA(NULL,		// application name (NULL to use command line)
 				const_cast<char*>(cmdline.c_str()),
 				NULL,		// process security attributes
 				NULL,		// primary thread security attributes
 				TRUE,		// handles are inherited
 				0,		// creation flags
 				NULL,		// use parent's environment
 				NULL,		// use parent's current directory
 				&start_info,
 				&proc_info)) {
 		throw System_error("CreateProcess", cmdline, GetLastError());
 	}
 	CloseHandle(proc_info.hThread);
 	return proc_info.hProcess;
 }
 int exec_command (const std::vector<std::string>& command)
 {
 	HANDLE			child_handle = spawn_command(command, NULL, NULL, NULL);
 	int			exit_code = wait_for_child(child_handle);
 	CloseHandle(child_handle);
 	return exit_code;
 }
 int exec_command (const std::vector<std::string>& command, std::ostream& output)
 {
 	HANDLE			stdout_pipe_reader = NULL;
 	HANDLE			stdout_pipe_writer = NULL;
 	SECURITY_ATTRIBUTES	sec_attr;
 	// Set the bInheritHandle flag so pipe handles are inherited.
 	sec_attr.nLength = sizeof(SECURITY_ATTRIBUTES);
 	sec_attr.bInheritHandle = TRUE;
 	sec_attr.lpSecurityDescriptor = NULL;
 	// Create a pipe for the child process's STDOUT.
 	if (!CreatePipe(&stdout_pipe_reader, &stdout_pipe_writer, &sec_attr, 0)) {
 		throw System_error("CreatePipe", "", GetLastError());
 	}
 	// Ensure the read handle to the pipe for STDOUT is not inherited.
 	if (!SetHandleInformation(stdout_pipe_reader, HANDLE_FLAG_INHERIT, 0)) {
 		throw System_error("SetHandleInformation", "", GetLastError());
 	}
 	HANDLE			child_handle = spawn_command(command, NULL, stdout_pipe_writer, NULL);
 	CloseHandle(stdout_pipe_writer);
 	// Read from stdout_pipe_reader.
 	// Note that ReadFile on a pipe may return with bytes_read==0 if the other
 	// end of the pipe writes zero bytes, so don't break out of the read loop
 	// when this happens.  When the other end of the pipe closes, ReadFile
 	// fails with ERROR_BROKEN_PIPE.
 	char			buffer[1024];
 	DWORD			bytes_read;
 	while (ReadFile(stdout_pipe_reader, buffer, sizeof(buffer), &bytes_read, NULL)) {
 		output.write(buffer, bytes_read);
 	}
 	const DWORD		read_error = GetLastError();
 	if (read_error != ERROR_BROKEN_PIPE) {
 		throw System_error("ReadFile", "", read_error);
 	}
 	CloseHandle(stdout_pipe_reader);
 	int			exit_code = wait_for_child(child_handle);
 	CloseHandle(child_handle);
 	return exit_code;
 }
 int exec_command_with_input (const std::vector<std::string>& command, const char* p, size_t len)
 {
 	HANDLE			stdin_pipe_reader = NULL;
 	HANDLE			stdin_pipe_writer = NULL;
 	SECURITY_ATTRIBUTES	sec_attr;
 	// Set the bInheritHandle flag so pipe handles are inherited.
 	sec_attr.nLength = sizeof(SECURITY_ATTRIBUTES);
 	sec_attr.bInheritHandle = TRUE;
 	sec_attr.lpSecurityDescriptor = NULL;
 	// Create a pipe for the child process's STDIN.
 	if (!CreatePipe(&stdin_pipe_reader, &stdin_pipe_writer, &sec_attr, 0)) {
 		throw System_error("CreatePipe", "", GetLastError());
 	}
 	// Ensure the write handle to the pipe for STDIN is not inherited.
 	if (!SetHandleInformation(stdin_pipe_writer, HANDLE_FLAG_INHERIT, 0)) {
 		throw System_error("SetHandleInformation", "", GetLastError());
 	}
 	HANDLE			child_handle = spawn_command(command, stdin_pipe_reader, NULL, NULL);
 	CloseHandle(stdin_pipe_reader);
 	// Write to stdin_pipe_writer.
 	while (len > 0) {
 		DWORD		bytes_written;
 		if (!WriteFile(stdin_pipe_writer, p, len, &bytes_written, NULL)) {
 			throw System_error("WriteFile", "", GetLastError());
 		}
 		p += bytes_written;
 		len -= bytes_written;
 	}
 	CloseHandle(stdin_pipe_writer);
 	int			exit_code = wait_for_child(child_handle);
 	CloseHandle(child_handle);
 	return exit_code;
 }
 bool successful_exit (int status)
 {
 	return status == 0;
 }
 void	touch_file (const std::string& filename)
 {
-	HANDLE	fh = CreateFileA(filename.c_str(), FILE_WRITE_ATTRIBUTES, FILE_SHARE_READ, nullptr, OPEN_EXISTING, 0, nullptr);
+	HANDLE	fh = CreateFileA(filename.c_str(), FILE_WRITE_ATTRIBUTES, FILE_SHARE_READ, NULL, OPEN_EXISTING, 0, NULL);
 	if (fh == INVALID_HANDLE_VALUE) {
-		DWORD	error = GetLastError();
+		throw System_error("CreateFileA", filename, GetLastError());
 		if (error == ERROR_FILE_NOT_FOUND) {
 			return;
 		} else {
 			throw System_error("CreateFileA", filename, error);
 		}
 	}
 	SYSTEMTIME	system_time;
 	GetSystemTime(&system_time);
 	FILETIME	file_time;
 	SystemTimeToFileTime(&system_time, &file_time);
-	if (!SetFileTime(fh, nullptr, nullptr, &file_time)) {
+	if (!SetFileTime(fh, NULL, NULL, &file_time)) {
 		DWORD	error = GetLastError();
 		CloseHandle(fh);
 		throw System_error("SetFileTime", filename, error);
@@ -157,12 +343,7 @@ void	touch_file (const std::string& filename)
 void	remove_file (const std::string& filename)
 {
 	if (!DeleteFileA(filename.c_str())) {
-		DWORD	error = GetLastError();
+		throw System_error("DeleteFileA", filename, GetLastError());
 		if (error == ERROR_FILE_NOT_FOUND) {
 			return;
 		} else {
 			throw System_error("DeleteFileA", filename, error);
 		}
 	}
 }
--- a/util.cpp
+++ b/util.cpp
@@ -30,36 +30,9 @@
 #include "git-crypt.hpp"
 #include "util.hpp"
 #include "coprocess.hpp"
 #include <string>
 #include <iostream>
 int exec_command (const std::vector<std::string>& args)
 {
 	Coprocess	proc;
 	proc.spawn(args);
 	return proc.wait();
 }
 int exec_command (const std::vector<std::string>& args, std::ostream& output)
 {
 	Coprocess	proc;
 	std::istream*	proc_stdout = proc.stdout_pipe();
 	proc.spawn(args);
 	output << proc_stdout->rdbuf();
 	return proc.wait();
 }
 int exec_command_with_input (const std::vector<std::string>& args, const char* p, size_t len)
 {
 	Coprocess	proc;
 	std::ostream*	proc_stdin = proc.stdin_pipe();
 	proc.spawn(args);
 	proc_stdin->write(p, len);
 	proc.close_stdin();
 	return proc.wait();
 }
 std::string	escape_shell_arg (const std::string& str)
 {
 	std::string	new_str;
--- a/util.hpp
+++ b/util.hpp
@@ -63,10 +63,9 @@ std::string	our_exe_path ();
 int		exec_command (const std::vector<std::string>&);
 int		exec_command (const std::vector<std::string>&, std::ostream& output);
 int		exec_command_with_input (const std::vector<std::string>&, const char* p, size_t len);
-int		exit_status (int wait_status); // returns -1 if process did not exit (but was signaled, etc.)
+bool		successful_exit (int status);
-inline bool	successful_exit (int wait_status) { return exit_status(wait_status) == 0; }
+void		touch_file (const std::string&);
-void		touch_file (const std::string&); // ignores non-existent files
+void		remove_file (const std::string&);
 void		remove_file (const std::string&); // ignores non-existent files
 std::string	escape_shell_arg (const std::string&);
 uint32_t	load_be32 (const unsigned char*);
 void		store_be32 (unsigned char*, uint32_t);
Author	SHA1	Message	Date
Andrew Ayer	f3890bed32	Update debian/changelog for 0.4.2-1~agwa1	2015-01-31 19:44:08 -08:00
Andrew Ayer	78fb6ab052	debian packaging: install additional docs	2015-01-31 19:42:45 -08:00
Andrew Ayer	1fc9664036	Merge tag '0.4.2' into debian git-crypt 0.4.2 git-crypt 0.4.2 is a bugfix-only release that fixes the unlock (and lock) commands under Git 2.2.2 and newer. Due to an optimization introduced in Git 2.2.2, 'git-crypt unlock' would not decrypt files in the working tree. In addition, this version of git-crypt officially drops support for versions of Git older than 1.7.2.	2015-01-31 19:41:21 -08:00
Andrew Ayer	2fa2cffba6	Freshen Debian packaging	2015-01-27 21:36:55 -08:00
Andrew Ayer	6b78ef0548	Add initial Debian packaging	2014-03-29 17:39:53 -07:00