aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorSean Whitton <spwhitton@spwhitton.name>2016-07-04 03:18:48 -0700
committerSean Whitton <spwhitton@spwhitton.name>2016-07-04 03:18:48 -0700
commitc95cc86b0498e28926809d617f1100d9490bf4cb (patch)
treed47f4f5700c21c50054470d12c3645406dbd2de1
downloadgit-remote-gcrypt-c95cc86b0498e28926809d617f1100d9490bf4cb.tar.gz
Import git-remote-gcrypt_1.0.0.orig.tar.xz
[dgit import orig git-remote-gcrypt_1.0.0.orig.tar.xz]
-rw-r--r--.gitignore3
l---------CHANGELOG1
-rw-r--r--COPYING674
-rw-r--r--README.rst223
-rw-r--r--debian/changelog93
-rw-r--r--debian/compat1
-rw-r--r--debian/control23
-rw-r--r--debian/copyright17
-rw-r--r--debian/gbp.conf20
-rw-r--r--debian/links1
-rw-r--r--debian/patches/0001-Debianise-README.patch24
-rw-r--r--debian/patches/series1
-rwxr-xr-xdebian/rules11
-rw-r--r--debian/source/format1
-rw-r--r--debian/source/lintian-overrides2
-rwxr-xr-xgit-remote-gcrypt909
-rwxr-xr-xinstall.sh25
17 files changed, 2029 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..2395a05
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+/debian/files
+/debian/git-remote-gcrypt.substvars
+/debian/git-remote-gcrypt
diff --git a/CHANGELOG b/CHANGELOG
new file mode 120000
index 0000000..d526672
--- /dev/null
+++ b/CHANGELOG
@@ -0,0 +1 @@
+debian/changelog \ No newline at end of file
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..94a9ed0
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,674 @@
+ GNU GENERAL PUBLIC LICENSE
+ Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+ Preamble
+
+ The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+ The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works. By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users. We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors. You can apply it to
+your programs, too.
+
+ When we speak of free software, we are referring to freedom, not
+price. Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+ To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights. Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+ For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received. You must make sure that they, too, receive
+or can get the source code. And you must show them these terms so they
+know their rights.
+
+ Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+ For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software. For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+ Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so. This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software. The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable. Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products. If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+ Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary. To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+ The precise terms and conditions for copying, distribution and
+modification follow.
+
+ TERMS AND CONDITIONS
+
+ 0. Definitions.
+
+ "This License" refers to version 3 of the GNU General Public License.
+
+ "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+ "The Program" refers to any copyrightable work licensed under this
+License. Each licensee is addressed as "you". "Licensees" and
+"recipients" may be individuals or organizations.
+
+ To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy. The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+ A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+ To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy. Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+ To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies. Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+ An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License. If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+ 1. Source Code.
+
+ The "source code" for a work means the preferred form of the work
+for making modifications to it. "Object code" means any non-source
+form of a work.
+
+ A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+ The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form. A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+ The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities. However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work. For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+ The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+ The Corresponding Source for a work in source code form is that
+same work.
+
+ 2. Basic Permissions.
+
+ All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met. This License explicitly affirms your unlimited
+permission to run the unmodified Program. The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work. This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+ You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force. You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright. Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+ Conveying under any other circumstances is permitted solely under
+the conditions stated below. Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+ 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+ No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+ When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+ 4. Conveying Verbatim Copies.
+
+ You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+ You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+ 5. Conveying Modified Source Versions.
+
+ You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+ a) The work must carry prominent notices stating that you modified
+ it, and giving a relevant date.
+
+ b) The work must carry prominent notices stating that it is
+ released under this License and any conditions added under section
+ 7. This requirement modifies the requirement in section 4 to
+ "keep intact all notices".
+
+ c) You must license the entire work, as a whole, under this
+ License to anyone who comes into possession of a copy. This
+ License will therefore apply, along with any applicable section 7
+ additional terms, to the whole of the work, and all its parts,
+ regardless of how they are packaged. This License gives no
+ permission to license the work in any other way, but it does not
+ invalidate such permission if you have separately received it.
+
+ d) If the work has interactive user interfaces, each must display
+ Appropriate Legal Notices; however, if the Program has interactive
+ interfaces that do not display Appropriate Legal Notices, your
+ work need not make them do so.
+
+ A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit. Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+ 6. Conveying Non-Source Forms.
+
+ You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+ a) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by the
+ Corresponding Source fixed on a durable physical medium
+ customarily used for software interchange.
+
+ b) Convey the object code in, or embodied in, a physical product
+ (including a physical distribution medium), accompanied by a
+ written offer, valid for at least three years and valid for as
+ long as you offer spare parts or customer support for that product
+ model, to give anyone who possesses the object code either (1) a
+ copy of the Corresponding Source for all the software in the
+ product that is covered by this License, on a durable physical
+ medium customarily used for software interchange, for a price no
+ more than your reasonable cost of physically performing this
+ conveying of source, or (2) access to copy the
+ Corresponding Source from a network server at no charge.
+
+ c) Convey individual copies of the object code with a copy of the
+ written offer to provide the Corresponding Source. This
+ alternative is allowed only occasionally and noncommercially, and
+ only if you received the object code with such an offer, in accord
+ with subsection 6b.
+
+ d) Convey the object code by offering access from a designated
+ place (gratis or for a charge), and offer equivalent access to the
+ Corresponding Source in the same way through the same place at no
+ further charge. You need not require recipients to copy the
+ Corresponding Source along with the object code. If the place to
+ copy the object code is a network server, the Corresponding Source
+ may be on a different server (operated by you or a third party)
+ that supports equivalent copying facilities, provided you maintain
+ clear directions next to the object code saying where to find the
+ Corresponding Source. Regardless of what server hosts the
+ Corresponding Source, you remain obligated to ensure that it is
+ available for as long as needed to satisfy these requirements.
+
+ e) Convey the object code using peer-to-peer transmission, provided
+ you inform other peers where the object code and Corresponding
+ Source of the work are being offered to the general public at no
+ charge under subsection 6d.
+
+ A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+ A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling. In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage. For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product. A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+ "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source. The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+ If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information. But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+ The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed. Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+ Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+ 7. Additional Terms.
+
+ "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law. If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+ When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it. (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.) You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+ Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+ a) Disclaiming warranty or limiting liability differently from the
+ terms of sections 15 and 16 of this License; or
+
+ b) Requiring preservation of specified reasonable legal notices or
+ author attributions in that material or in the Appropriate Legal
+ Notices displayed by works containing it; or
+
+ c) Prohibiting misrepresentation of the origin of that material, or
+ requiring that modified versions of such material be marked in
+ reasonable ways as different from the original version; or
+
+ d) Limiting the use for publicity purposes of names of licensors or
+ authors of the material; or
+
+ e) Declining to grant rights under trademark law for use of some
+ trade names, trademarks, or service marks; or
+
+ f) Requiring indemnification of licensors and authors of that
+ material by anyone who conveys the material (or modified versions of
+ it) with contractual assumptions of liability to the recipient, for
+ any liability that these contractual assumptions directly impose on
+ those licensors and authors.
+
+ All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10. If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term. If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+ If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+ Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+ 8. Termination.
+
+ You may not propagate or modify a covered work except as expressly
+provided under this License. Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+ However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+ Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+ Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License. If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+ 9. Acceptance Not Required for Having Copies.
+
+ You are not required to accept this License in order to receive or
+run a copy of the Program. Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance. However,
+nothing other than this License grants you permission to propagate or
+modify any covered work. These actions infringe copyright if you do
+not accept this License. Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+ 10. Automatic Licensing of Downstream Recipients.
+
+ Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License. You are not responsible
+for enforcing compliance by third parties with this License.
+
+ An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations. If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+ You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License. For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+ 11. Patents.
+
+ A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based. The
+work thus licensed is called the contributor's "contributor version".
+
+ A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version. For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+ Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+ In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement). To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+ If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients. "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+ If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+ A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License. You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+ Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+ 12. No Surrender of Others' Freedom.
+
+ If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License. If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all. For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+ 13. Use with the GNU Affero General Public License.
+
+ Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work. The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+ 14. Revised Versions of this License.
+
+ The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time. Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+ Each version is given a distinguishing version number. If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation. If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+ If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+ Later license versions may give you additional or different
+permissions. However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+ 15. Disclaimer of Warranty.
+
+ THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+ 16. Limitation of Liability.
+
+ IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+ 17. Interpretation of Sections 15 and 16.
+
+ If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
+
+ If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+ To do so, attach the following notices to the program. It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+ <one line to give the program's name and a brief idea of what it does.>
+ Copyright (C) <year> <name of author>
+
+ This program is free software: you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation, either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+ If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+ <program> Copyright (C) <year> <name of author>
+ This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+ This is free software, and you are welcome to redistribute it
+ under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License. Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+ You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+<http://www.gnu.org/licenses/>.
+
+ The GNU General Public License does not permit incorporating your program
+into proprietary programs. If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library. If this is what you want to do, use the GNU Lesser General
+Public License instead of this License. But first, please read
+<http://www.gnu.org/philosophy/why-not-lgpl.html>.
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..b1ba991
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,223 @@
+=================
+git-remote-gcrypt
+=================
+
+--------------------------------------
+GNU Privacy Guard-encrypted git remote
+--------------------------------------
+
+:Manual section: 1
+
+Description
+===========
+
+Remote helper programs are invoked by git to handle network transport.
+This helper handles `gcrypt::` URLs that will access a remote repository
+encrypted with GPG, using our custom format.
+
+Supported locations are `local`, `rsync://` and `sftp://`, where the
+repository is stored as a set of files, or instead any `<giturl>` where
+gcrypt will store the same representation in a git repository, bridged
+over arbitrary git transport.
+
+The aim is to provide confidential, authenticated git storage and
+collaboration using typical untrusted file hosts or services.
+PLEASE help us evaluate how well we meet this design goal!
+
+Quickstart
+..........
+
+* Install ``git-remote-gcrypt`` by running the supplied ``install.sh`` script.
+
+* Create an encrypted remote by pushing to it::
+
+ git remote add cryptremote gcrypt::rsync://example.com:repo
+ git push cryptremote master
+ > gcrypt: Setting up new repository
+ > gcrypt: Remote ID is :id:7VigUnLVYVtZx8oir34R
+ > [ more lines .. ]
+ > To gcrypt::[...]
+ > * [new branch] master -> master
+
+Configuration
+=============
+
+The following ``git-config(1)`` variables are supported:
+
+``remote.<name>.gcrypt-participants``
+ ..
+``gcrypt.participants``
+ Space-separated list of GPG key identifiers. The remote is encrypted
+ to these participants and only signatures from these are accepted.
+ ``gpg -k`` lists all public keys you know.
+
+ If this option is not set, we encrypt to your default key and accept
+ any valid signature. This behavior can also be requested explicitly
+ by setting participants to ``simple``.
+
+ The ``gcrypt-participants`` setting on the remote takes precedence
+ over the repository variable ``gcrypt.participants``.
+
+``remote.<name>.gcrypt-publish-participants``
+ ..
+``gcrypt.publish-participants``
+ By default, the gpg key ids of the participants are obscured by
+ encrypting using `gpg -R`. Setting this option to `true` disables
+ that security measure.
+
+ The problem with using `gpg -R` is that to decrypt, gpg tries each
+ available secret key in turn until it finds a usable key.
+ This can result in unncessary passphrase prompts.
+
+``remote.<name>.gcrypt-signingkey``
+ ..
+``user.signingkey``
+ (The latter from regular git configuration) The key to use for signing.
+ You should set ``user.signingkey`` if your default signing key is not
+ part of the participant list. You may use the per-remote version
+ to sign different remotes using different keys.
+
+``gcrypt.gpg-args``
+ The contents of this setting are passed as arguments to gpg.
+ E.g. ``--use-agent``.
+
+Environment Variables
+=====================
+
+*GCRYPT_FULL_REPACK*
+ This environment variable forces full repack when pushing.
+
+Note to users of GnuPG version 2
+================================
+
+When a repository was pushed with ``gcrypt.publish-participants``
+false (i.e. the recipient is anonymous), and you are using GnuPG
+version 2, you will need to include ``--try-all-secrets`` or
+``--try-secret-key ID`` in ``gcrypt.gpg-args``.
+
+GnuPG version 1 always tries all available secret keys when it
+encounters a message with an anonymous recipient.
+
+Examples
+========
+
+How to set up a remote for two participants::
+
+ git remote add cryptremote gcrypt::rsync://example.com:repo
+ git config remote.cryptremote.gcrypt-participants "KEY1 KEY2"
+ git push cryptremote master
+
+How to use a git backend::
+
+ # notice that the target git repo must already exist and its
+ # `next` branch will be overwritten!
+ git remote add gitcrypt gcrypt::git@example.com:repo#next
+ git push gitcrypt master
+
+The URL fragment (`#next` here) indicates which backend branch is used.
+
+Notes
+=====
+
+Collaboration
+ The encryption of the manifest is updated for each push to match the
+ participant configuration. Each pushing user must have the public
+ keys of all collaborators and correct participant config.
+
+Dependencies
+ ``rsync`` and ``curl`` for remotes ``rsync:`` and ``sftp:``
+ respectively. The main executable requires a POSIX-compliant shell
+ that supports ``local``.
+
+GNU Privacy Guard
+ Both GPG 1.4 and 2 are supported. You need a personal GPG key. GPG
+ configuration applies to algorithm choices for public-key
+ encryption, symmetric encryption, and signing. See ``man gpg`` for
+ more information.
+
+Remote ID
+ The Remote ID is not secret; it only ensures that two repositories
+ signed by the same user can be distinguished. You will see
+ a warning if the Remote ID changes, which should only happen if the
+ remote was re-created.
+
+Repository Format
+.................
+
+| `EncSign(X):` Sign and Encrypt to GPG key holder
+| `Encrypt(K,X):` Encrypt using symmetric-key algorithm
+| `Hash(X):` SHA-2/256
+|
+| `B:` branch list
+| `L:` list of the hash (`Hi`) and key (`Ki`) for each packfile
+| `R:` Remote ID
+|
+| To write the repository:
+|
+| Store each packfile `P` as `Encrypt(Ki, P)` → `P'` in filename `Hi`
+| where `Ki` is a new random string and `Hash(P')` → `Hi`
+| Store `EncSign(B || L || R)` in the manifest
+|
+| To read the repository:
+|
+| Get manifest, decrypt and verify using GPG keyring → `(B, L, R)`
+| Warn if `R` does not match previously seen Remote ID
+| for each `Hi, Ki` in `L`:
+| Get file `Hi` from the server → `P'`
+| Verify `Hash(P')` matches `Hi`
+| Decrypt `P'` using `Ki` → `P` then open `P` with git
+
+Manifest file
+.............
+
+Example manifest file (with ellipsis for brevity)::
+
+ $ gpg -d 91bd0c092128cf2e60e1a608c31e92caf1f9c1595f83f2890ef17c0e4881aa0a
+ 542051c7cd152644e4995bda63cc3ddffd635958 refs/heads/next
+ 3c9e76484c7596eff70b21cbe58408b2774bedad refs/heads/master
+ pack :SHA256:f2ad50316...cd4ba67092dc4 z8YoAnFpMlW...3PkI2mND49P1qm
+ pack :SHA256:a6e17bb4c...426492f379584 82+k2cbiUn7...dgXfyX6wXGpvVa
+ keep :SHA256:f2ad50316...cd4ba67092dc4 1
+ repo :id:OYiSleGirtLubEVqJpFF
+
+Each item extends until newline, and matches one of the following:
+
+``<sha-1> <gitref>``
+ Git object id and its ref
+
+``pack :<hashtype>:<hash> <key>``
+ Packfile hash (`Hi`) and corresponding symmetric key (`Ki`).
+
+``keep :<hashtype>:<hash> <generation>``
+ Packfile hash and its repack generation
+
+``repo <id>``
+ The remote id
+
+``extn <name> ...``
+ Extension field, preserved but unused.
+
+Detecting gcrypt repos
+======================
+
+To detect if a git url is a gcrypt repo, use: git-remote-gcrypt --check url
+Exit status if 0 if the repo exists and can be decrypted, 1 if the repo
+uses gcrypt but could not be decrypted, and 100 if the repo is not
+encrypted with gcrypt (or could not be accessed).
+
+Note that this has to fetch the repo contents into the local git
+repository, the same as is done when using a gcrypt repo.
+
+See Also
+========
+
+git-remote-helpers(1), gpg(1)
+
+License
+=======
+
+This document and git-remote-gcrypt are licensed under identical terms,
+GPL-3 (or 2+), see the git-remote-gcrypt file.
+
+.. this document generates a man page with rst2man
+.. vim: ft=rst tw=72 sts=4
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..880d7c1
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,93 @@
+git-remote-gcrypt (1.0.0-1) unstable; urgency=medium
+
+ Upstream:
+ * Taking over as upstream maintainer.
+ * Remove notice about repository format potentially changing.
+ * Implement gcrypt.gpg-args git config setting (Closes: #771011).
+ * Respect git config gpg.program if configured.
+ Thanks Christian Amsüss. (Closes: #827943)
+ * Don't reset the remote ID when a gcrypt remote is not available.
+ Thanks Sebastian Reuße. (Closes: #827943)
+ * Suppress bogus warning about keyid matching multiple fingerprints.
+ Based on work by Raphaël Droz.
+ Closes https://github.com/joeyh/git-remote-gcrypt/pull/2
+ * Add "Note to users of GnuPG version 2" section to README.rst.
+ See https://github.com/joeyh/git-remote-gcrypt/pull/1
+
+ Debian packaging:
+ * Drop patch containing changes by Joey Hess: incorporated in release.
+ - Update d/copyright accordingly.
+ * Patch README.rst to remove references to installation.
+ * Add d/links to avoid duplicate changelogs Lintian warning.
+ * Drop Lintian override of no-upstream-changelog.
+ * Update URIs in old changelog entries.
+ * Add a comment to d/source/lintian-overrides.
+ * Bump standards version to 3.9.8 (no changes required).
+
+ -- Sean Whitton <spwhitton@spwhitton.name> Mon, 04 Jul 2016 19:18:48 +0900
+
+git-remote-gcrypt (0.20130908-8) unstable; urgency=medium
+
+ * Adopt git-remote-gcrypt package (Closes: #771020).
+ * Install man page using rst2man, rather than just installing README.rst
+ (Closes: #725455).
+ * Add Vcs-Git: & Vcs-Browser: pointing at my repository.
+ * Switch dpkg-source format to 3.0 (quilt).
+ * Move changes by Joey Hess into a quilt patch.
+ Update debian/copyright accordingly.
+ * Bump Standards-Version.
+ * Add debian/gbp.conf.
+ * Override Lintian tags no-upstream-changelog & debian-watch-file-is-missing.
+
+ -- Sean Whitton <spwhitton@spwhitton.name> Thu, 07 Jan 2016 11:03:01 -0700
+
+git-remote-gcrypt (0.20130908-7) unstable; urgency=medium
+
+ * Added gcrypt.publish-participants configuration setting.
+
+ -- Joey Hess <joeyh@debian.org> Tue, 15 Jul 2014 17:40:22 -0400
+
+git-remote-gcrypt (0.20130908-6) unstable; urgency=medium
+
+ * Fix to work when there is no controlling terminal, but GPG_AGENT_INFO
+ is set. Pass --no-tty to gpg in this situation. This is needed
+ to interoperate with the git-annex assistant, which often runs without
+ a controlling terminal, and will in a new version always do so.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 15 May 2014 14:35:03 -0400
+
+git-remote-gcrypt (0.20130908-5) unstable; urgency=low
+
+ * Better signature validation for subkeys.
+ Closes https://github.com/bluss/git-remote-gcrypt/pull/7
+ * Stop passing --fast-list to gpg as this sometimes causes it to not
+ display key fingerprints, which git-remote-gcrpyt needs.
+ Closes https://github.com/bluss/git-remote-gcrypt/issues/8
+
+ -- Joey Hess <joeyh@debian.org> Thu, 26 Sep 2013 15:58:52 -0400
+
+git-remote-gcrypt (0.20130908-4) unstable; urgency=low
+
+ * Added --check option.
+
+ -- Joey Hess <joeyh@debian.org> Thu, 19 Sep 2013 12:10:24 -0400
+
+git-remote-gcrypt (0.20130908-3) unstable; urgency=low
+
+ * Add remote.<name>.gcrypt-signingkey config.
+
+ -- Joey Hess <joeyh@debian.org> Tue, 17 Sep 2013 15:33:35 -0400
+
+git-remote-gcrypt (0.20130908-2) unstable; urgency=low
+
+ * Set --trust-model=always when encrypting.
+ Needed to interoperate with git-annex.
+ Closes https://github.com/bluss/git-remote-gcrypt/issues/3
+
+ -- Joey Hess <joeyh@debian.org> Mon, 16 Sep 2013 15:49:16 -0400
+
+git-remote-gcrypt (0.20130908-1) unstable; urgency=low
+
+ * Initial release.
+
+ -- Joey Hess <joeyh@debian.org> Sun, 08 Sep 2013 20:08:23 -0400
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..6e1410b
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,23 @@
+Source: git-remote-gcrypt
+Section: vcs
+Priority: optional
+Build-Depends: debhelper (>= 9), python-docutils (>= 0.12+dfsg)
+Maintainer: Sean Whitton <spwhitton@spwhitton.name>
+Standards-Version: 3.9.8
+Homepage: https://github.com/bluss/git-remote-gcrypt
+Vcs-Git: https://git.spwhitton.name/git-remote-gcrypt
+Vcs-Browser: https://git.spwhitton.name/?p=git-remote-gcrypt.git;a=summary
+
+Package: git-remote-gcrypt
+Architecture: all
+Depends: git, gnupg | gnupg2, ${misc:Depends}
+Recommends: rsync, curl
+Description: encrypted git repositories
+ This lets git store git repositories in encrypted form.
+ It supports storing repositories on rsync or sftp servers.
+ It can also store the encrypted git repository inside a remote git
+ repository. All the regular git commands like git push and git pull
+ can be used to operate on such an encrypted repository.
+ .
+ The aim is to provide confidential, authenticated git storage and
+ collaboration using typical untrusted file hosts or services.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..c5497b4
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,17 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Source: https://git.spwhitton.name/git-remote-gcrypt
+
+Files: *
+Copyright: (C) 2013 engla
+ (C) 2013, 2014 Joey Hess <id@joeyh.name>
+ (C) 2016 Sean Whitton and contributors
+License: GPL-2+
+
+Files: debian/*
+Copyright: (C) 2015-2016 Sean Whitton <spwhitton@spwhitton.name>
+ (C) 2013, 2014 Joey Hess <id@joeyh.name>
+License: GPL-2+
+
+License: GPL-2+
+ On Debian systems, the complete text of the GPL-2 can be found in
+ /usr/share/common-licenses/GPL-2.
diff --git a/debian/gbp.conf b/debian/gbp.conf
new file mode 100644
index 0000000..ff9c2ec
--- /dev/null
+++ b/debian/gbp.conf
@@ -0,0 +1,20 @@
+[DEFAULT]
+
+# Debian package maintainer is upstream project maintainer, so
+# everything lives on the master branch (from ver. 1.0.0-1 onwards)
+upstream-branch = master
+debian-branch = master
+# However, separate tags (e.g. one commit tagged both 1.0.0 and
+# debian/1.0.0-1) because git-remote-gcrypt is meant to be usable
+# outside of Debian
+upstream-tag = %(version)s
+debian-tag = debian/%(version)s
+
+# Some standard gbp settings
+sign-tags = True
+pristine-tar = True
+pristine-tar-commit = True
+
+color = on
+compression = xz
+compression-level = 9
diff --git a/debian/links b/debian/links
new file mode 100644
index 0000000..d61fdf7
--- /dev/null
+++ b/debian/links
@@ -0,0 +1 @@
+/usr/share/doc/git-remote-gcrypt/changelog /usr/share/doc/git-remote-gcrypt/changelog.Debian
diff --git a/debian/patches/0001-Debianise-README.patch b/debian/patches/0001-Debianise-README.patch
new file mode 100644
index 0000000..e011664
--- /dev/null
+++ b/debian/patches/0001-Debianise-README.patch
@@ -0,0 +1,24 @@
+From: Sean Whitton <spwhitton@spwhitton.name>
+Date: Sun, 17 Jan 2016 22:47:52 -0700
+Subject: Debianise-README
+
+Remove reference to installation.
+---
+ README.rst | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/README.rst b/README.rst
+index 148abad..19a9d9d 100644
+--- a/README.rst
++++ b/README.rst
+@@ -27,9 +27,7 @@ PLEASE help us evaluate how well we meet this design goal!
+ Quickstart
+ ..........
+
+-* Install ``git-remote-gcrypt`` by running the supplied ``install.sh`` script.
+-
+-* Create an encrypted remote by pushing to it::
++Create an encrypted remote by pushing to it::
+
+ git remote add cryptremote gcrypt::rsync://example.com:repo
+ git push cryptremote master
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..93971b0
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Debianise-README.patch
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..26ba625
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,11 @@
+#!/usr/bin/make -f
+%:
+ dh $@
+
+override_dh_auto_build:
+ true
+override_dh_auto_clean:
+ true
+
+override_dh_auto_install:
+ prefix=/usr DESTDIR=debian/git-remote-gcrypt ./install.sh
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..163aaf8
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (quilt)
diff --git a/debian/source/lintian-overrides b/debian/source/lintian-overrides
new file mode 100644
index 0000000..43e41b2
--- /dev/null
+++ b/debian/source/lintian-overrides
@@ -0,0 +1,2 @@
+# upstream maintainer is Debian maintainer
+debian-watch-file-is-missing
diff --git a/git-remote-gcrypt b/git-remote-gcrypt
new file mode 100755
index 0000000..61fed76
--- /dev/null
+++ b/git-remote-gcrypt
@@ -0,0 +1,909 @@
+#!/bin/sh
+#
+# git-remote-gcrypt
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) version 2 or any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+# See README.rst for usage instructions
+
+set -e # errexit
+set -f # noglob
+set -C # noclobber
+
+export GITCEPTION="${GITCEPTION:-}+" # Reuse $Gref except when stacked
+Gref="refs/gcrypt/gitception$GITCEPTION"
+Gref_rbranch="refs/heads/master"
+Packkey_bytes=63 # nbr random bytes for packfile keys, any >= 256 bit is ok
+Hashtype=SHA256 # SHA512 SHA384 SHA256 SHA224 supported.
+Manifestfile=91bd0c092128cf2e60e1a608c31e92caf1f9c1595f83f2890ef17c0e4881aa0a
+Hex40="[a-f0-9]"
+Hex40=$Hex40$Hex40$Hex40$Hex40$Hex40$Hex40$Hex40$Hex40
+Hex40=$Hex40$Hex40$Hex40$Hex40$Hex40 # Match SHA-1 hexdigest
+GPG="$(git config --get "gpg.program" '.+' || echo gpg)"
+
+Did_find_repo= # yes for connected, no for no repo
+Localdir="${GIT_DIR:=.git}/remote-gcrypt"
+Tempdir=
+
+Repoid=
+Refslist=
+Packlist=
+Keeplist=
+Extnlist=
+Repack_limit=25
+
+Recipients=
+
+# compat/utility functions
+# xfeed: The most basic output function puts $1 into the stdin of $2..$#
+xfeed()
+{
+ local input_=
+ input_=$1; shift
+ "$@" <<EOF
+$input_
+EOF
+}
+xecho() { xfeed "$*" cat; }
+xecho_n() { xecho "$@" | tr -d \\n ; } # kill newlines
+echo_git() { xecho "$@" ; } # Code clarity
+echo_info() { xecho "gcrypt:" "$@" >&2; }
+echo_die() { echo_info "$@" ; exit 1; }
+
+isnull() { case "$1" in "") return 0;; *) return 1;; esac; }
+isnonnull() { ! isnull "$1"; }
+iseq() { case "$1" in "$2") return 0;; *) return 1;; esac; }
+isnoteq() { ! iseq "$1" "$2"; }
+negate() { ! "$@"; }
+
+# Execute $@ or die
+pipefail()
+{
+ "$@" || { echo_info "'$1' failed!"; kill $$; exit 1; }
+}
+
+isurl() { isnull "${2%%$1://*}"; }
+islocalrepo() { isnull "${1##/*}" && [ ! -e "$1/HEAD" ]; }
+
+xgrep() { command grep "$@" || : ; }
+
+# setvar is used for named return variables
+# $1 *must* be a valid variable name, $2 is any value
+#
+# Conventions
+# return variable names are passed with a @ prefix
+# return variable functions use f_ prefix local vars
+# return var consumers use r_ prefix vars (or Titlecase globals)
+setvar()
+{
+ isnull "${1##@*}" || echo_die "Missing @ for return variable: $1"
+ eval ${1#@}=\$2
+}
+
+Newline="
+"
+
+# $1 is return var, $2 is value appended with newline separator
+append_to()
+{
+ local f_append_tmp_=
+ eval f_append_tmp_=\$${1#@}
+ isnull "$f_append_tmp_" || f_append_tmp_=$f_append_tmp_$Newline
+ setvar "$1" "$f_append_tmp_$2"
+}
+
+# Pick words from each line
+# $1 return variable name
+# $2 input value
+pick_fields_1_2()
+{
+ local f_ret= f_one= f_two=
+ while read f_one f_two _ # from << here-document
+ do
+ f_ret="$f_ret$f_one $f_two$Newline"
+ done <<EOF
+$2
+EOF
+ setvar "$1" "${f_ret#$Newline}"
+}
+
+# Take all lines matching $2 (full line)
+# $1 return variable name
+# $2 filter word
+# $3 input value
+# if $1 is a literal `!', the match is reversed (and arguments shift)
+# we instead remove all lines matching
+filter_to()
+{
+ local f_neg= f_line= f_ret= IFS=
+ isnoteq "$1" "!" || { f_neg=negate; shift; }
+ IFS=$Newline
+ for f_line in $3
+ do
+ $f_neg isnonnull "${f_line##$2}" || f_ret=$f_ret$f_line$Newline
+ done
+ setvar "$1" "${f_ret%$Newline}"
+}
+
+# Output the number of lines in $1
+line_count()
+{
+ local IFS=
+ IFS=$Newline
+ set -- $1
+ xecho "$#"
+}
+
+
+## gitception part
+# Fetch giturl $1, file $2
+gitception_get()
+{
+ # Take care to preserve FETCH_HEAD
+ local ret_=: obj_id= fet_head="$GIT_DIR/FETCH_HEAD"
+ [ -e "$fet_head" ] && command mv -f "$fet_head" "$fet_head.$$~" || :
+ git fetch -q -f "$1" "$Gref_rbranch:$Gref" >/dev/null &&
+ obj_id="$(git ls-tree "$Gref" | xgrep -E '\b'"$2"'$' | awk '{print $3}')" &&
+ isnonnull "$obj_id" && git cat-file blob "$obj_id" && ret_=: ||
+ { ret_=false && : ; }
+ [ -e "$fet_head.$$~" ] && command mv -f "$fet_head.$$~" "$fet_head" || :
+ $ret_
+}
+
+anon_commit()
+{
+ GIT_AUTHOR_NAME="root" GIT_AUTHOR_EMAIL="root@localhost" \
+ GIT_AUTHOR_DATE="1356994801 -0400" GIT_COMMITTER_NAME="root" \
+ GIT_COMMITTER_EMAIL="root@localhost" \
+ GIT_COMMITTER_DATE="1356994801 -0400" \
+ git commit-tree "$@" <<EOF
+Initial commit
+EOF
+}
+
+# Get 'tree' from $1, change file $2 to obj id $3
+update_tree()
+{
+ local tab_=" "
+ # $2 is a filename from the repo format
+ (set +e;
+ git ls-tree "$1" | xgrep -v -E '\b'"$2"'$';
+ xecho "100644 blob $3$tab_$2"
+ ) | git mktree
+}
+
+# Put giturl $1, file $2
+# depends on previous GET to set $Gref and depends on PUT_FINAL later
+gitception_put()
+{
+ local obj_id= tree_id= commit_id=
+ obj_id=$(git hash-object -w --stdin) &&
+ tree_id=$(update_tree "$Gref" "$2" "$obj_id") &&
+ commit_id=$(anon_commit "$tree_id") &&
+ git update-ref "$Gref" "$commit_id"
+}
+
+# Remove giturl $1, file $2
+# depends on previous GET like put
+gitception_remove()
+{
+ local tree_id= commit_id= tab_=" "
+ # $2 is a filename from the repo format
+ tree_id=$(git ls-tree "$Gref" | xgrep -v -E '\b'"$2"'$' | git mktree) &&
+ commit_id=$(anon_commit "$tree_id") &&
+ git update-ref "$Gref" "$commit_id"
+}
+
+gitception_new_repo()
+{
+ local commit_id= empty_tree=4b825dc642cb6eb9a060e54bf8d69288fbee4904
+ # get any file to update Gref, and if it's not updated we create empty
+ git update-ref -d "$Gref" || :
+ gitception_get "$1" "x" 2>/dev/null >&2 || :
+ git rev-parse -q --verify "$Gref" >/dev/null && return 0 ||
+ commit_id=$(anon_commit "$empty_tree") &&
+ git update-ref "$Gref" "$commit_id"
+}
+## end gitception
+
+# Fetch repo $1, file $2, tmpfile in $3
+GET()
+{
+ if isurl sftp "$1"
+ then
+ (exec 0>&-; curl -s -S -k "$1/$2") > "$3"
+ elif isurl rsync "$1"
+ then
+ (exec 0>&-; rsync -I -W "${1#rsync://}"/"$2" "$3" >&2)
+ elif islocalrepo "$1"
+ then
+ cat "$1/$2" > "$3"
+ else
+ gitception_get "${1#gitception://}" "$2" > "$3"
+ fi
+}
+
+# Put repo $1, file $2 or fail, tmpfile in $3
+PUT()
+{
+ if isurl sftp "$1"
+ then
+ curl -s -S -k --ftp-create-dirs -T "$3" "$1/$2"
+ elif isurl rsync "$1"
+ then
+ rsync -I -W "$3" "${1#rsync://}"/"$2" >&2
+ elif islocalrepo "$1"
+ then
+ cat >| "$1/$2" < "$3"
+ else
+ gitception_put "${1#gitception://}" "$2" < "$3"
+ fi
+}
+
+# Put all PUT changes for repo $1 at once
+PUT_FINAL()
+{
+ if isurl sftp "$1" || islocalrepo "$1" || isurl rsync "$1"
+ then
+ :
+ else
+ git push --quiet -f "${1#gitception://}" "$Gref:$Gref_rbranch"
+ fi
+}
+
+# Put directory for repo $1
+PUTREPO()
+{
+ if isurl sftp "$1"
+ then
+ :
+ elif isurl rsync "$1"
+ then
+ rsync -q -r --exclude='*' "$Localdir/" "${1#rsync://}" >&2
+ elif islocalrepo "$1"
+ then
+ mkdir -p "$1"
+ else
+ gitception_new_repo "${1#gitception://}"
+ fi
+}
+
+# For repo $1, delete all newline-separated files in $2
+REMOVE()
+{
+ local fn_=
+ if isurl sftp "$1"
+ then
+ # FIXME
+ echo_info "sftp: Ignore remove request $1/$2"
+ elif isurl rsync "$1"
+ then
+ xfeed "$2" rsync -I -W -v -r --delete --include-from=- \
+ --exclude='*' "$Localdir"/ "${1#rsync://}/" >&2
+ elif islocalrepo "$1"
+ then
+ for fn_ in $2; do
+ rm -f "$1"/"$fn_"
+ done
+ else
+ for fn_ in $2; do
+ gitception_remove "${1#gitception://}" "$fn_"
+ done
+ fi
+}
+
+CLEAN_FINAL()
+{
+ if isurl sftp "$1" || islocalrepo "$1" || isurl rsync "$1"
+ then
+ :
+ else
+ git update-ref -d "$Gref" || :
+ fi
+}
+
+ENCRYPT()
+{
+ rungpg --batch --force-mdc --compress-algo none --trust-model=always --passphrase-fd 3 -c 3<<EOF
+$1
+EOF
+}
+
+DECRYPT()
+{
+ rungpg -q --batch --no-default-keyring --secret-keyring /dev/null \
+ --keyring /dev/null --passphrase-fd 3 -d 3<<EOF
+$1
+EOF
+}
+
+# Encrypt to recipients $1
+PRIVENCRYPT()
+{
+ set -- $1
+ if isnonnull "$Conf_signkey"; then
+ set -- "$@" -u "$Conf_signkey"
+ fi
+ rungpg --compress-algo none --trust-model=always -se "$@"
+}
+
+# $1 is the match for good signature, $2 is the textual signers list
+PRIVDECRYPT()
+{
+ local status_=
+ exec 4>&1 &&
+ status_=$(rungpg --status-fd 3 -q -d 3>&1 1>&4) &&
+ xfeed "$status_" grep "^\[GNUPG:\] ENC_TO " >/dev/null &&
+ (xfeed "$status_" grep -e "$1" >/dev/null || {
+ echo_info "Failed to verify manifest signature!" &&
+ echo_info "Only accepting signatories: ${2:-(none)}" &&
+ return 1
+ })
+}
+
+# Generate $1 random bytes
+genkey()
+{
+ rungpg --armor --gen-rand 1 "$1"
+}
+
+gpg_hash()
+{
+ local hash_=
+ hash_=$(rungpg --with-colons --print-md "$1" | tr A-F a-f)
+ hash_=${hash_#:*:}
+ xecho "${hash_%:}"
+}
+
+rungpg()
+{
+ if isnonnull "$Conf_gpg_args"; then
+ set -- "$Conf_gpg_args" "$@"
+ fi
+ # gpg will fail to run when there is no controlling tty,
+ # due to trying to print messages to it, even if a gpg agent is set
+ # up. --no-tty fixes this.
+ if [ "x$GPG_AGENT_INFO" != "x" ]; then
+ ${GPG} --no-tty "$@"
+ else
+ ${GPG} "$@"
+ fi
+}
+
+# Pass the branch/ref by pipe to git
+safe_git_rev_parse()
+{
+ git cat-file --batch-check 2>/dev/null |
+ xgrep -v "missing" | cut -f 1 -d ' '
+}
+
+make_new_repo()
+{
+ echo_info "Setting up new repository"
+ PUTREPO "$URL"
+
+ # Needed assumption: the same user should have no duplicate Repoid
+ Repoid=":id:$(genkey 15)"
+ iseq "${NAME#gcrypt::}" "$URL" ||
+ git config "remote.$NAME.gcrypt-id" "$Repoid"
+ echo_info "Remote ID is $Repoid"
+ Extnlist="extn comment"
+}
+
+
+# $1 return var for goodsig match, $2 return var for signers text
+read_config()
+{
+ local recp_= r_tail= r_keyinfo= r_keyfpr= gpg_list= cap_= conf_part= good_sig= signers_=
+ Conf_signkey=$(git config --get "remote.$NAME.gcrypt-signingkey" '.+' ||
+ git config --path user.signingkey || :)
+ conf_part=$(git config --get "remote.$NAME.gcrypt-participants" '.+' ||
+ git config --get gcrypt.participants '.+' || :)
+ Conf_pubish_participants=$(git config --get --bool "remote.$NAME.gcrypt-publish-participants" '.+' ||
+ git config --get --bool gcrypt.publish-participants || :)
+ Conf_gpg_args=$(git config --get gcrypt.gpg-args '.+' || :)
+
+ # Figure out which keys we should encrypt to or accept signatures from
+ if isnull "$conf_part" || iseq "$conf_part" simple
+ then
+ signers_="(default keyring)"
+ Recipients="--throw-keyids --default-recipient-self"
+ good_sig="^\[GNUPG:\] GOODSIG "
+ setvar "$1" "$good_sig"
+ setvar "$2" "$signers_"
+ return 0
+ fi
+
+ for recp_ in $conf_part
+ do
+ gpg_list=$(rungpg --with-colons --fingerprint -k "$recp_")
+ r_tail_=$(echo "$recp_" | sed -e 's/^0x//')
+ filter_to @r_keyinfo "pub*" "$gpg_list"
+ if echo "$recp_" | grep -E -q '^[xA-F0-9]+$'; then # is $recp_ a keyid?
+ filter_to @r_keyfpr "fpr*$r_tail_*" "$gpg_list"
+ else
+ filter_to @r_keyfpr "fpr*" "$gpg_list"
+ fi
+ isnull "$r_keyinfo" || isnonnull "${r_keyinfo##*"$Newline"*}" ||
+ echo_info "WARNING: '$recp_' matches multiple keys, using one"
+ isnull "$r_keyfpr" || isnonnull "${r_keyfpr##*"$Newline"*}" ||
+ echo_info "WARNING: '$recp_' matches multiple fingerprints, using one"
+ r_keyinfo=${r_keyinfo%%"$Newline"*}
+ r_keyfpr=${r_keyfpr%%"$Newline"*}
+ keyid_=$(xfeed "$r_keyinfo" cut -f 5 -d :)
+ fprid_=$(xfeed "$r_keyfpr" cut -f 10 -d :)
+
+ isnonnull "$fprid_" &&
+ signers_="$signers_ $keyid_" &&
+ append_to @good_sig "^\[GNUPG:\] VALIDSIG .*$fprid_$" || {
+ echo_info "WARNING: Skipping missing key $recp_"
+ continue
+ }
+ # Check 'E'ncrypt capability
+ cap_=$(xfeed "$r_keyinfo" cut -f 12 -d :)
+ if ! iseq "${cap_#*E}" "$cap_"; then
+ if [ "$Conf_pubish_participants" = true ]; then
+ Recipients="$Recipients -r $keyid_"
+ else
+ Recipients="$Recipients -R $keyid_"
+ fi
+ fi
+ done
+
+ if isnull "$Recipients"
+ then
+ echo_info "You have not configured any keys you can encrypt to" \
+ "for this repository"
+ echo_info "Use ::"
+ echo_info " git config gcrypt.participants YOURKEYID"
+ exit 1
+ fi
+ setvar "$1" "$good_sig"
+ setvar "$2" "$signers_"
+}
+
+ensure_connected()
+{
+ local manifest_= r_repoid= r_name= url_frag= r_sigmatch= r_signers= \
+ tmp_manifest=
+
+ if isnonnull "$Did_find_repo"
+ then
+ return
+ fi
+ Did_find_repo=no
+ read_config @r_sigmatch @r_signers
+
+ iseq "${NAME#gcrypt::}" "$URL" || r_name=$NAME
+
+ if isurl gitception "$URL" && isnonnull "$r_name"; then
+ git config "remote.$r_name.url" "gcrypt::${URL#gitception://}"
+ echo_info "Updated URL for $r_name, gitception:// -> ()"
+ fi
+
+ # Find the URL fragment
+ url_frag=${URL##*"#"}
+ isnoteq "$url_frag" "$URL" || url_frag=
+ URL=${URL%"#$url_frag"}
+
+ # manifestfile -- sha224 hash if we can, else the default location
+ if isurl sftp "$URL" || islocalrepo "$URL" || isurl rsync "$URL"
+ then
+ # not for gitception
+ isnull "$url_frag" ||
+ Manifestfile=$(xecho_n "$url_frag" | gpg_hash SHA224)
+ else
+ isnull "$url_frag" || Gref_rbranch="refs/heads/$url_frag"
+ fi
+
+ Repoid=
+ isnull "$r_name" ||
+ Repoid=$(git config "remote.$r_name.gcrypt-id" || :)
+
+
+ tmp_manifest="$Tempdir/maniF"
+ GET "$URL" "$Manifestfile" "$tmp_manifest" 2>/dev/null || {
+ echo_info "Repository not found: $URL"
+ if ! isnull "$Repoid"; then
+ echo_info "..but repository ID is set. Aborting."
+ return 1
+ else
+ return 0
+ fi
+ }
+
+ Did_find_repo=yes
+ echo_info "Decrypting manifest"
+ manifest_=$(PRIVDECRYPT "$r_sigmatch" "$r_signers" < "$tmp_manifest") &&
+ isnonnull "$manifest_" ||
+ echo_die "Failed to decrypt manifest!"
+ rm -f "$tmp_manifest"
+
+ filter_to @Refslist "$Hex40 *" "$manifest_"
+ filter_to @Packlist "pack :*:* *" "$manifest_"
+ filter_to @Keeplist "keep :*:*" "$manifest_"
+ filter_to @Extnlist "extn *" "$manifest_"
+ filter_to @r_repoid "repo *" "$manifest_"
+
+ r_repoid=${r_repoid#repo }
+ r_repoid=${r_repoid% *}
+ if isnull "$Repoid"
+ then
+ echo_info "Remote ID is $r_repoid"
+ Repoid=$r_repoid
+ elif isnoteq "$r_repoid" "$Repoid"
+ then
+ echo_info "WARNING:"
+ echo_info "WARNING: Remote ID has changed!"
+ echo_info "WARNING: from $Repoid"
+ echo_info "WARNING: to $r_repoid"
+ echo_info "WARNING:"
+ Repoid=$r_repoid
+ else
+ return 0
+ fi
+
+ isnull "$r_name" || git config "remote.$r_name.gcrypt-id" "$r_repoid"
+}
+
+# $1 is the hash type (SHA256 etc)
+# $2 the pack id
+# $3 the key
+get_verify_decrypt_pack()
+{
+ local rcv_id= tmp_encrypted=
+ tmp_encrypted="$Tempdir/packF"
+ GET "$URL" "$2" "$tmp_encrypted" &&
+ rcv_id=$(gpg_hash "$1" < "$tmp_encrypted") &&
+ iseq "$rcv_id" "$2" || echo_die "Packfile $2 does not match digest!"
+ DECRYPT "$3" < "$tmp_encrypted"
+ rm -f "$tmp_encrypted"
+}
+
+# download all packlines (pack :SHA256:a32abc1231) from stdin (or die)
+# $1 destdir (when repack, else "")
+get_pack_files()
+{
+ local pack_id= r_pack_key_line= htype_= pack_= key_=
+ while IFS=': ' read -r _ htype_ pack_ # <<here-document
+ do
+ isnonnull "$pack_" || continue
+
+ # Get the Packlist line with the key
+ pack_id=":${htype_}:$pack_"
+ filter_to @r_pack_key_line "pack $pack_id *" "$Packlist"
+ key_=${r_pack_key_line#pack $pack_id }
+
+ if isnonnull "${pack_##$Hex40*}" ||
+ isnoteq "$htype_" SHA256 && isnoteq "$htype_" SHA224 &&
+ isnoteq "$htype_" SHA384 && isnoteq "$htype_" SHA512
+ then
+ echo_die "Packline malformed: $pack_id"
+ fi
+
+ get_verify_decrypt_pack "$htype_" "$pack_" "$key_" | \
+ if isnull "${1:-}"
+ then
+ # add to local pack list
+ git index-pack -v --stdin >/dev/null
+ xecho "pack $pack_id" >> "$Localdir/have_packs$GITCEPTION"
+ else
+ git index-pack -v --stdin "$1/${pack_}.pack" >/dev/null
+ fi
+ done
+}
+
+# Download and unpack remote packfiles
+# $1 return var for list of packfiles to delete
+repack_if_needed()
+{
+ local n_= m_= kline_= r_line= r_keep_packlist= r_del_list=
+
+ isnonnull "$Packlist" || return 0
+
+ if isnonnull "${GCRYPT_FULL_REPACK:-}"
+ then
+ Keeplist=
+ Repack_limit=0
+ fi
+
+ pick_fields_1_2 @r_del_list "$Packlist"
+
+ n_=$(line_count "$Packlist")
+ m_=$(line_count "$Keeplist")
+ if iseq 0 "$(( $Repack_limit < ($n_ - $m_) ))"; then
+ return
+ fi
+ echo_info "Repacking remote $NAME, ..."
+
+ mkdir "$Tempdir/pack"
+
+ # Split packages to keep and to repack
+ if isnonnull "$Keeplist"; then
+ while read -r _ kline_ _ # <<here-document
+ do
+ isnonnull "$kline_" || continue
+ filter_to @r_line "pack $kline_ *" "$Packlist"
+ append_to @r_keep_packlist "$r_line"
+ filter_to ! @r_del_list "pack $kline_" "$r_del_list"
+ done <<EOF
+$Keeplist
+EOF
+ fi
+
+ xfeed "$r_del_list" get_pack_files "$Tempdir/pack/"
+
+ (set +f; pipefail git verify-pack -v "$Tempdir"/pack/*.idx) |
+ grep -E '^[0-9a-f]{40}' | cut -f 1 -d ' '
+
+ Packlist=$r_keep_packlist
+ setvar "$1" "$r_del_list"
+}
+
+do_capabilities()
+{
+ echo_git fetch
+ echo_git push
+ echo_git
+}
+
+do_list()
+{
+ local obj_id= ref_name= line_=
+ ensure_connected
+
+ xecho "$Refslist" | while read line_
+ do
+ isnonnull "$line_" || break
+ obj_id=${line_%% *}
+ ref_name=${line_##* }
+ echo_git "$obj_id" "$ref_name"
+ if iseq "$ref_name" "refs/heads/master"
+ then
+ echo_git "@refs/heads/master HEAD"
+ fi
+ done
+
+ # end with blank line
+ echo_git
+}
+
+do_fetch()
+{
+ # Download packs in the manifest that don't appear in have_packs
+ local pneed_= premote_=
+
+ ensure_connected
+
+ # The `+` for $GITCEPTION is pointless but we will be safe for stacking
+ pick_fields_1_2 @premote_ "$Packlist"
+ if [ -s "$Localdir/have_packs+" ]
+ then
+ pneed_=$(xfeed "$premote_" xgrep -v -x -f "$Localdir/have_packs+")
+ else
+ pneed_=$premote_
+ fi
+
+ xfeed "$pneed_" get_pack_files
+
+ echo_git # end with blank line
+}
+
+# do_push PUSHARGS (multiple lines like +src:dst, with both + and src opt.)
+do_push()
+{
+ # Security protocol:
+ # Each git packfile is encrypted and then named for the encrypted
+ # file's hash. The manifest is updated with the pack id.
+ # The manifest is encrypted.
+ local r_revlist= pack_id= key_= obj_= src_= dst_= \
+ r_pack_delete= tmp_encrypted= tmp_objlist= tmp_manifest=
+
+ ensure_connected
+
+ if iseq "$Did_find_repo" "no"
+ then
+ make_new_repo
+ fi
+
+ if isnonnull "$Refslist"
+ then
+ # mark all remote refs with ^<sha-1> (if sha-1 exists locally)
+ r_revlist=$(xfeed "$Refslist" cut -f 1 -d ' ' |
+ safe_git_rev_parse | sed -e 's/^\(.\)/^&/')
+ fi
+
+ while IFS=: read -r src_ dst_ # << +src:dst
+ do
+ src_=${src_#+}
+ filter_to ! @Refslist "$Hex40 $dst_" "$Refslist"
+
+ if isnonnull "$src_"
+ then
+ append_to @r_revlist "$src_"
+ obj_=$(xfeed "$src_" safe_git_rev_parse)
+ append_to @Refslist "$obj_ $dst_"
+ fi
+ done <<EOF
+$1
+EOF
+
+ tmp_encrypted="$Tempdir/packP"
+ tmp_objlist="$Tempdir/objlP"
+
+ {
+ xfeed "$r_revlist" git rev-list --objects --stdin --
+ repack_if_needed @r_pack_delete
+ } > "$tmp_objlist"
+
+ # Only send pack if we have any objects to send
+ if [ -s "$tmp_objlist" ]
+ then
+ key_=$(genkey "$Packkey_bytes")
+ pack_id=$(export GIT_ALTERNATE_OBJECT_DIRECTORIES=$Tempdir;
+ pipefail git pack-objects --stdout < "$tmp_objlist" |
+ pipefail ENCRYPT "$key_" |
+ tee "$tmp_encrypted" | gpg_hash "$Hashtype")
+
+ append_to @Packlist "pack :${Hashtype}:$pack_id $key_"
+ if isnonnull "$r_pack_delete"
+ then
+ append_to @Keeplist "keep :${Hashtype}:$pack_id 1"
+ fi
+ fi
+
+ # Generate manifest
+ echo_info "Encrypting to: $Recipients"
+ echo_info "Requesting manifest signature"
+
+ tmp_manifest="$Tempdir/maniP"
+ PRIVENCRYPT "$Recipients" > "$tmp_manifest" <<EOF
+$Refslist
+$Packlist
+$Keeplist
+repo $Repoid
+$Extnlist
+EOF
+
+ # Upload pack
+ if [ -s "$tmp_objlist" ]
+ then
+ PUT "$URL" "$pack_id" "$tmp_encrypted"
+ fi
+
+ # Upload manifest
+ PUT "$URL" "$Manifestfile" "$tmp_manifest"
+
+ rm -f "$tmp_encrypted"
+ rm -f "$tmp_objlist"
+ rm -f "$tmp_manifest"
+
+ # Delete packs
+ if isnonnull "$r_pack_delete"; then
+ REMOVE "$URL" "$(xecho "$r_pack_delete" | \
+ while IFS=': ' read -r _ _ pack_
+ do
+ isnonnull "$pack_" || continue
+ xecho "$pack_"
+ done)"
+ fi
+
+ PUT_FINAL "$URL"
+
+ # ok all updates
+ while IFS=: read -r src_ dst_ # << +src:dst
+ do
+ echo_git "ok $dst_"
+ done <<EOF
+$1
+EOF
+
+ echo_git
+}
+
+cleanup_tmpfiles()
+{
+ if isnonnull "${Tempdir%%*."$$"}"; then
+ echo_die "Unexpected Tempdir value: $Tempdir"
+ fi
+ rm -r -f -- "${Tempdir}" >&2
+}
+
+setup()
+{
+ mkdir -p "$Localdir"
+
+ # Set up a subdirectory in /tmp
+ temp_key=$(genkey 9 | tr '/' _)
+ Tempdir="${TMPDIR:-/tmp}/git-remote-gcrypt-${temp_key}.$$"
+ mkdir -m 700 "${Tempdir}"
+
+ trap cleanup_tmpfiles EXIT
+ trap 'exit 1' 1 2 3 15
+}
+
+# handle git-remote-helpers protocol
+gcrypt_main_loop()
+{
+ local input_= input_inner= r_args= temp_key=
+
+ NAME=$1 # Remote name
+ URL=$2 # Remote URL
+
+ setup
+
+ while read input_
+ do
+ case "$input_" in
+ capabilities)
+ do_capabilities
+ ;;
+ list|list\ for-push)
+ do_list
+ ;;
+ fetch\ *)
+ r_args=${input_##fetch }
+ while read input_inner
+ do
+ case "$input_inner" in
+ fetch*)
+ r_args= #ignored
+ ;;
+ *)
+ break
+ ;;
+ esac
+ done
+ do_fetch "$r_args"
+ ;;
+ push\ *)
+ r_args=${input_##push }
+ while read input_inner
+ do
+ case "$input_inner" in
+ push\ *)
+ append_to @r_args "${input_inner#push }"
+ ;;
+ *)
+ break
+ ;;
+ esac
+ done
+ do_push "$r_args"
+ ;;
+ ?*)
+ echo_die "Unknown input!"
+ ;;
+ *)
+ CLEAN_FINAL "$URL"
+ exit 0
+ ;;
+ esac
+ done
+}
+
+if [ "x$1" = x--check ]
+then
+ NAME=dummy-gcrypt-check
+ URL=$2
+ setup
+ ensure_connected
+ git remote remove $NAME 2>/dev/null || true
+ if iseq "$Did_find_repo" "no"
+ then
+ exit 100
+ fi
+else
+ gcrypt_main_loop "$@"
+fi
diff --git a/install.sh b/install.sh
new file mode 100755
index 0000000..d84f31e
--- /dev/null
+++ b/install.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+: ${prefix:=/usr/local}
+: ${DESTDIR:=}
+
+verbose() { echo "$@" >&2 && "$@"; }
+install_v()
+{
+ # Install $1 into $2/ with mode $3
+ verbose install -d "$2" &&
+ verbose install -m "$3" "$1" "$2"
+}
+
+install_v git-remote-gcrypt "$DESTDIR$prefix/bin" 755
+
+if command -v rst2man >/dev/null
+then
+ trap 'rm -f git-remote-gcrypt.1.gz' EXIT
+ verbose rst2man ./README.rst | gzip -9 > git-remote-gcrypt.1.gz
+ install_v git-remote-gcrypt.1.gz "$DESTDIR$prefix/share/man/man1" 644
+else
+ echo "'rst2man' not found, man page not installed" >&2
+fi