You should not be using DES. You should not have been using DES for the
past 30 years.
The ed DES-CBC scheme lacked several desirable properties of a sealed
document system, even ignoring DES itself. In particular, it did not
provide the "integrity" cryptographic property (detection of tampering), and
it treated ASCII passwords as 64-bit keys (instead of using a KDF like
scrypt or PBKDF2).
Some general approaches ed(1) users might consider to replace the removed
DES mode:
1. Full disk encryption with something like AES-XTS. This is easy to
conceptualize, design, and implement, and it provides confidentiality for
data at rest. Like CBC, it lacks tampering protection. Examples include
GELI, LUKS, FileVault2.
2. Encrypted overlay ("stackable") filesystems (EncFS, PEFS?, CryptoFS,
others).
3. Native encryption at the filesystem layer. Ext4/F2FS, ZFS, APFS, and
NTFS all have some flavor of this.
4. Storing your files unencrypted. It's not like DES was doing you much
good.
If you have DES-CBC scrambled files produced by ed(1) prior to this change,
you may decrypt them with:
openssl des-cbc -d -iv 0 -K <key in hex> -in <inputfile> -out <plaintext>
Reviewed by: allanjude, bapt, emaste
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D17829
With this patch, ",n" is an abbreviation for "1,n", ";n" abbreviates
".;n". The "n," and "n;" variants mean "n,n" and "n;n", respectively.
Also, piping to a shell command does not count as a save, so don't reset
the modified flag.
Obtained from: OpenBSD (CVS Rev. 1.58, 1.59)
This self-written compiler warning, which is hopefully going to be
committed into LLVM sources soon, warns about potentially missing
`static' keywords, similar to -Wmissing-prototypes.
- bin/pax: Move external declaration of chdname and s_mask into extern.h.
- bin/setfacl: Move setfacl.c-specific stuff out of setfacl.h.
- sbin/mount_fusefs: Remove char *progname; use getprogname().
- others: add `static' where possible.
Although argc and argv are never read after the longjmp is complete,
gcc is not clever enough to see that and needlessly warns about it.
So add volatile to silence the compiler.
Approved by: ed (the co-mentor, not ed(1))
o Old-style K&R declarations have been converted to new C89 style
o register has been removed
o prototype for main() has been removed (gcc3 makes it an error)
o int main(int argc, char *argv[]) is the preferred main definition.
o Attempt to not break style(9) conformance for declarations more than
they already are.
o gc some #ifdef sun ... #endif code
Approved by: arch@, new style(9)
o Add consts where appropriate.
o Rename some variables that were shadowing global declarations.
o Remove register storage-classes.
o Make errmsg a const, so we can just set error messages instead
of using sprintf/strcpy.
o Set WARNS=2
Reviewed by: bde, des
which is also called from handle_hup(), uses stdio(3). Furthermore,
this means that calling exit(3) (via quit()) there is required to
flush the buffer write_file() was working on.
Submitted by: bde
error caused by the -1 being on the wrong side of the comparison.
This would not cause an overflow, as near as I can tell, because we
truncate later anyway. We'd just fail to get a diagnostic for 1024
and 1025 byte file names.
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
/usr/src/bin. Note that some patches are still needed in that directory.
I (Joerg) finished most of Philippe's cleanup. /bin/sh will still
need *allot* of work, however.
Submitted by: charnier@lirmm.fr (Philippe Charnier)
