Re: Please test: scrypt 1.2.1a

[Graham Percival <gperciva@tarsnap.com>]

Hi Christoph,

Thanks for the reminder.  I added this to my user startup scripts on OSX:
    export CPPFLAGS="-I/usr/local/opt/openssl/include $CPPFLAGS"
    export LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS"
    export LDADD_EXTRA="-L/usr/local/opt/openssl/lib $LDFLAGS"

I'm not certain why homebrew doesn't set this up automatically.  :(
(other than LDADD_EXTRA, which is spiped-specific)


I'll double-check these lines and whether they should be in ~/.profile or
~/.bash_profile or ~/.bashrc, then add it to the README.md (or rather, some
file which gets included in the release tarball).

Cheers,
- Graham

On Tue, Jan 31, 2017 at 11:08:16PM +0100, Christoph Borsbach wrote:
> Hi Colin and all,
> thanks for the new features, some are most welcome (-P and -M especially). I
> tested only on macOS Sierra, no issues. 
> I had to use this trick though to get the configure-script to recognize the
> openssl headers installed by Homebrew:
> https://github.com/Tarsnap/scrypt/issues/20 
> 
> That aside, all is well. I guess most users install scrypt on macOS per
> Homebrew anyway. 
> 
> Thanks and take care,
> Christoph
> 
> 
> On Sat, Jan 28, 2017 at 02:48:36 -0800, Colin Percival wrote:
> > [Trying this again with an inline GPG signature due to list issues...]
> > 
> > Hi scrypt users and tarsnap alphatesters,
> > 
> > I've just uploaded a tarball which may be (modulo version number update)
> > release 1.2.1 of my scrypt file encryption utility.  When I announced
> > scrypt 1.2.0a here 18 months ago it turned out that it was broken on pretty
> > much every platform except FreeBSD, so I'm hoping you guys can test this and
> > make sure I haven't repeated that.
> > 
> > I'm asking the tarsnap alphatest list to test scrypt too, because a lot of
> > the changes in scrypt will be in the next tarsnap release -- so think of this
> > as a head start on alphatesting the next version of tarsnap.  As always, bug
> > reports will receive bug bounties; no need to wait for the bug to appear in a
> > tarsnap release.
> > 
> > You can download the scrypt code at
> >   http://www.tarsnap.com/scrypt/scrypt-1.2.1a.tgz
> > and the tarball has SHA256 hash
> >   f3094ecb54860b26108d0203e2dbb677c9fb60e96063be0a16d945f43c31a04c
> > .  You can also see the tree from which I rolled this almost-release at
> > https://github.com/Tarsnap/scrypt if you find it useful to crawl through
> > VCS history.
> > 
> > Significant changes since 1.2.0:
> > * A new -v option instructs scrypt to print the key derivation parameters
> > it has selected.
> > * A new --version option prints the version number of the scrypt utility.
> > * A new -P option make scrypt read the passphrase from standard input; this
> > is designed for scripts which pipe a passphrase in from elsewhere.
> > * A new -f option makes 'scrypt dec' ignore the amount of memory or CPU time
> > it thinks decrypting a file will take, and proceed anyway; this may be useful
> > in cases where scrypt's estimation is wrong.
> > * The '-M maxmem' option now accepts "humanized" inputs, e.g., "-M 1GB".
> > 
> > There are also a variety of less visible changes: Performance improvements
> > in the SHA256 routines, minor bug and compiler warning fixes, the addition
> > of a test suite, and some minor code reorganization.
> > 
> > Assuming nobody yells (or the yells are things I can fix quickly and easily)
> > I'll roll the official scrypt 1.2.1 release a week from now.
> > 
> > -- 
> > Colin Percival
> > Security Officer Emeritus, FreeBSD | The power to serve
> > Founder, Tarsnap | www.tarsnap.com | Online backups for the truly paranoid
> > 
> >