diff options
| author |  Joey Hess <joeyh@joeyh.name> | 2016-05-23 17:03:20 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-05-23 17:03:20 -0400 |
| commit | d5f672ddd59b43cb9b1bac8f836864165c8931f2 (patch) | |
| tree | 6a020605b69d22252d2b9d619115326848a779c1 | |
| parent | 7e637c86630b65621d301afb174cd95efe567130 (diff) | |
Pass the various gnupg-options configs to gpg in several cases where they were not before.
Removed the instance LensGpgEncParams RemoteConfig because it encouraged
code that does not take the RemoteGitConfig into account.
RemoteType's setup was changed to take a RemoteGitConfig,
although the only place that is able to provide a non-empty one is
enableremote, when it's changing an existing remote. This led to several
folow-on changes, and got RemoteGitConfig plumbed through.
| -rw-r--r-- | Annex/SpecialRemote.hs | 2 | ||||
| -rw-r--r-- | Assistant/MakeRemote.hs | 6 | ||||
| -rw-r--r-- | Command/EnableRemote.hs | 10 | ||||
| -rw-r--r-- | Command/InitRemote.hs | 2 | ||||
| -rw-r--r-- | Creds.hs | 38 | ||||
| -rw-r--r-- | Crypto.hs | 41 | ||||
| -rw-r--r-- | Remote.hs | 6 | ||||
| -rw-r--r-- | Remote/Bup.hs | 4 | ||||
| -rw-r--r-- | Remote/Ddar.hs | 4 | ||||
| -rw-r--r-- | Remote/Directory.hs | 4 | ||||
| -rw-r--r-- | Remote/External.hs | 11 | ||||
| -rw-r--r-- | Remote/External/Types.hs | 7 | ||||
| -rw-r--r-- | Remote/GCrypt.hs | 4 | ||||
| -rw-r--r-- | Remote/Git.hs | 6 | ||||
| -rw-r--r-- | Remote/Glacier.hs | 38 | ||||
| -rw-r--r-- | Remote/Helper/Special.hs | 17 | ||||
| -rw-r--r-- | Remote/Hook.hs | 4 | ||||
| -rw-r--r-- | Remote/Rsync.hs | 4 | ||||
| -rw-r--r-- | Remote/S3.hs | 36 | ||||
| -rw-r--r-- | Remote/Tahoe.hs | 4 | ||||
| -rw-r--r-- | Remote/WebDAV.hs | 12 | ||||
| -rw-r--r-- | Types/Remote.hs | 2 | ||||
| -rw-r--r-- | debian/changelog | 2 |
23 files changed, 139 insertions, 125 deletions
diff --git a/Annex/SpecialRemote.hs b/Annex/SpecialRemote.hs index 8a2345830..02799db85 100644 --- a/Annex/SpecialRemote.hs +++ b/Annex/SpecialRemote.hs @@ -80,7 +80,7 @@ autoEnable = do case (M.lookup nameKey c, findType c) of (Just name, Right t) -> whenM (canenable u) $ do showSideAction $ "Auto enabling special remote " ++ name - res <- tryNonAsync $ setup t (Just u) Nothing c + res <- tryNonAsync $ setup t (Just u) Nothing c def case res of Left e -> warning (show e) Right _ -> return () diff --git a/Assistant/MakeRemote.hs b/Assistant/MakeRemote.hs index 8a70e30c2..a5972b0d8 100644 --- a/Assistant/MakeRemote.hs +++ b/Assistant/MakeRemote.hs @@ -101,8 +101,8 @@ setupSpecialRemote' setdesc name remotetype config mcreds (mu, c) = do - assistant, because otherwise GnuPG may block once the entropy - pool is drained, and as of now there's no way to tell the user - to perform IO actions to refill the pool. -} - (c', u) <- R.setup remotetype mu mcreds $ - M.insert "highRandomQuality" "false" $ M.union config c + let weakc = M.insert "highRandomQuality" "false" $ M.union config c + (c', u) <- R.setup remotetype mu mcreds weakc def configSet u c' when setdesc $ whenM (isNothing . M.lookup u <$> uuidMap) $ @@ -168,4 +168,4 @@ previouslyUsedCredPair getstorage remotetype criteria = sametype r = R.typename (R.remotetype r) == R.typename remotetype fromstorage r = do let storage = getstorage (R.uuid r) - getRemoteCredPair (R.config r) storage + getRemoteCredPair (R.config r) (R.gitconfig r) storage diff --git a/Command/EnableRemote.hs b/Command/EnableRemote.hs index 182527095..be20ea049 100644 --- a/Command/EnableRemote.hs +++ b/Command/EnableRemote.hs @@ -12,6 +12,7 @@ import qualified Logs.Remote import qualified Types.Remote as R import qualified Annex.SpecialRemote import qualified Remote +import qualified Types.Remote as Remote import Logs.UUID import qualified Data.Map as M @@ -43,7 +44,8 @@ start (name:ws) = go =<< Annex.SpecialRemote.findExisting name let fullconfig = config `M.union` c t <- either error return (Annex.SpecialRemote.findType fullconfig) showStart "enableremote" name - next $ perform t u fullconfig + gc <- maybe def Remote.gitconfig <$> Remote.byUUID u + next $ perform t u fullconfig gc unknownNameError :: String -> Annex a unknownNameError prefix = do @@ -56,9 +58,9 @@ unknownNameError prefix = do descm (M.keys m) error $ prefix ++ "\n" ++ msg -perform :: RemoteType -> UUID -> R.RemoteConfig -> CommandPerform -perform t u c = do - (c', u') <- R.setup t (Just u) Nothing c +perform :: RemoteType -> UUID -> R.RemoteConfig -> RemoteGitConfig -> CommandPerform +perform t u c gc = do + (c', u') <- R.setup t (Just u) Nothing c gc next $ cleanup u' c' cleanup :: UUID -> R.RemoteConfig -> CommandCleanup diff --git a/Command/InitRemote.hs b/Command/InitRemote.hs index 1f3d63dbd..05717bc60 100644 --- a/Command/InitRemote.hs +++ b/Command/InitRemote.hs @@ -46,7 +46,7 @@ start (name:ws) = ifM (isJust <$> findExisting name) perform :: RemoteType -> String -> R.RemoteConfig -> CommandPerform perform t name c = do - (c', u) <- R.setup t Nothing Nothing c + (c', u) <- R.setup t Nothing Nothing c def next $ cleanup u name c' cleanup :: UUID -> String -> R.RemoteConfig -> CommandCleanup @@ -52,33 +52,37 @@ data CredPairStorage = CredPairStorage - cipher. The EncryptionIsSetup phantom type ensures that is the case. -} setRemoteCredPair :: EncryptionIsSetup -> RemoteConfig -> CredPairStorage -> Maybe CredPair -> Annex RemoteConfig -setRemoteCredPair encsetup c storage Nothing = - maybe (return c) (setRemoteCredPair encsetup c storage . Just) - =<< getRemoteCredPair c storage -setRemoteCredPair _ c storage (Just creds) - | embedCreds c = case credPairRemoteKey storage of - Nothing -> localcache - Just key -> storeconfig key =<< remoteCipher =<< localcache - | otherwise = localcache +setRemoteCredPair encsetup c storage mcreds = case mcreds of + Nothing -> maybe (return c) (setRemoteCredPair encsetup c storage . Just) + =<< getRemoteCredPair c nogitconfig storage + Just creds + | embedCreds c -> case credPairRemoteKey storage of + Nothing -> localcache creds + Just key -> storeconfig creds key =<< remoteCipher =<< localcache creds + | otherwise -> localcache creds where - localcache = do + localcache creds = do writeCacheCredPair creds storage return c - storeconfig key (Just cipher) = do + storeconfig creds key (Just cipher) = do cmd <- gpgCmd <$> Annex.getGitConfig - s <- liftIO $ encrypt cmd (getGpgEncParams c) cipher + s <- liftIO $ encrypt cmd (c, nogitconfig) cipher (feedBytes $ L.pack $ encodeCredPair creds) (readBytes $ return . L.unpack) return $ M.insert key (toB64 s) c - storeconfig key Nothing = + storeconfig creds key Nothing = return $ M.insert key (toB64 $ encodeCredPair creds) c + -- This is used before a remote is set up typically, so + -- use a default RemoteGitConfig + nogitconfig :: RemoteGitConfig + nogitconfig = def {- Gets a remote's credpair, from the environment if set, otherwise - from the cache in gitAnnexCredsDir, or failing that, from the - value in RemoteConfig. -} -getRemoteCredPair :: RemoteConfig -> CredPairStorage -> Annex (Maybe CredPair) -getRemoteCredPair c storage = maybe fromcache (return . Just) =<< fromenv +getRemoteCredPair :: RemoteConfig -> RemoteGitConfig -> CredPairStorage -> Annex (Maybe CredPair) +getRemoteCredPair c gc storage = maybe fromcache (return . Just) =<< fromenv where fromenv = liftIO $ getEnvCredPair storage fromcache = maybe fromconfig (return . Just) =<< readCacheCredPair storage @@ -94,7 +98,7 @@ getRemoteCredPair c storage = maybe fromcache (return . Just) =<< fromenv Nothing -> return Nothing fromenccreds enccreds cipher storablecipher = do cmd <- gpgCmd <$> Annex.getGitConfig - mcreds <- liftIO $ catchMaybeIO $ decrypt cmd (getGpgDecParams c) cipher + mcreds <- liftIO $ catchMaybeIO $ decrypt cmd (c, gc) cipher (feedBytes $ L.pack $ fromB64 enccreds) (readBytes $ return . L.unpack) case mcreds of @@ -114,8 +118,8 @@ getRemoteCredPair c storage = maybe fromcache (return . Just) =<< fromenv return $ Just credpair _ -> error "bad creds" -getRemoteCredPairFor :: String -> RemoteConfig -> CredPairStorage -> Annex (Maybe CredPair) -getRemoteCredPairFor this c storage = go =<< getRemoteCredPair c storage +getRemoteCredPairFor :: String -> RemoteConfig -> RemoteGitConfig -> CredPairStorage -> Annex (Maybe CredPair) +getRemoteCredPairFor this c gc storage = go =<< getRemoteCredPair c gc storage where go Nothing = do warnMissingCredPairFor this storage @@ -28,8 +28,7 @@ module Crypto ( readBytes, encrypt, decrypt, - getGpgEncParams, - getGpgDecParams, + LensGpgEncParams(..), prop_HmacSha1WithCipher_sane ) where @@ -179,24 +178,24 @@ readBytes a h = liftIO (L.hGetContents h) >>= a {- Runs a Feeder action, that generates content that is symmetrically - encrypted with the Cipher (unless it is empty, in which case - public-key encryption is used) using the given gpg options, and then - - read by the Reader action. Note: For public-key encryption, - - recipients MUST be included in 'params' (for instance using - - 'getGpgEncParams'). -} -encrypt :: (MonadIO m, MonadMask m) => Gpg.GpgCmd -> [CommandParam] -> Cipher -> Feeder -> Reader m a -> m a -encrypt cmd params cipher = case cipher of + - read by the Reader action. -} +encrypt :: (MonadIO m, MonadMask m, LensGpgEncParams c) => Gpg.GpgCmd -> c -> Cipher -> Feeder -> Reader m a -> m a +encrypt cmd c cipher = case cipher of Cipher{} -> Gpg.feedRead cmd (params ++ Gpg.stdEncryptionParams True) $ cipherPassphrase cipher MacOnlyCipher{} -> Gpg.pipeLazy cmd $ params ++ Gpg.stdEncryptionParams False + where + params = getGpgEncParams c {- Runs a Feeder action, that generates content that is decrypted with the - Cipher (or using a private key if the Cipher is empty), and read by the - Reader action. -} -decrypt :: (MonadIO m, MonadMask m) => Gpg.GpgCmd -> [CommandParam] -> Cipher -> Feeder -> Reader m a -> m a -decrypt cmd params cipher = case cipher of +decrypt :: (MonadIO m, MonadMask m, LensGpgEncParams c) => Gpg.GpgCmd -> c -> Cipher -> Feeder -> Reader m a -> m a +decrypt cmd c cipher = case cipher of Cipher{} -> Gpg.feedRead cmd params' $ cipherPassphrase cipher MacOnlyCipher{} -> Gpg.pipeLazy cmd params' where - params' = Param "--decrypt" : params + params' = Param "--decrypt" : getGpgDecParams c macWithCipher :: Mac -> Cipher -> String -> String macWithCipher mac c = macWithCipher' mac (cipherMac c) @@ -218,20 +217,14 @@ class LensGpgEncParams a where {- Extract the GnuPG options from a pair of a Remote Config and a Remote - Git Config. -} instance LensGpgEncParams (RemoteConfig, RemoteGitConfig) where - getGpgEncParams (c,gc) = map Param (remoteAnnexGnupgOptions gc) ++ getGpgEncParams c - getGpgDecParams (c,gc) = map Param (remoteAnnexGnupgDecryptOptions gc) ++ getGpgDecParams c - -{- Extract the GnuPG options from a Remote Config, ignoring any - - git config settings. (Which is ok if the remote is just being set up - - and so doesn't have any.) -} -instance LensGpgEncParams RemoteConfig where - {- If the remote is configured to use public-key encryption, - - look up the recipient keys and add them to the option list. -} - getGpgEncParams c = case M.lookup "encryption" c of - Just "pubkey" -> Gpg.pkEncTo $ maybe [] (split ",") $ M.lookup "cipherkeys" c - Just "sharedpubkey" -> Gpg.pkEncTo $ maybe [] (split ",") $ M.lookup "pubkeys" c - _ -> [] - getGpgDecParams _ = [] + getGpgEncParams (c,gc) = map Param (remoteAnnexGnupgOptions gc) ++ + {- When the remote is configured to use public-key encryption, + - look up the recipient keys and add them to the option list. -} + case M.lookup "encryption" c of + Just "pubkey" -> Gpg.pkEncTo $ maybe [] (split ",") $ M.lookup "cipherkeys" c + Just "sharedpubkey" -> Gpg.pkEncTo $ maybe [] (split ",") $ M.lookup "pubkeys" c + _ -> [] + getGpgDecParams (_c,gc) = map Param (remoteAnnexGnupgDecryptOptions gc) {- Extract the GnuPG options from a Remote. -} instance LensGpgEncParams (RemoteA a) where @@ -31,6 +31,7 @@ module Remote ( byNameOrGroup, byNameOnly, byNameWithUUID, + byUUID, byCost, prettyPrintUUIDs, prettyPrintUUIDsDescs, @@ -98,6 +99,11 @@ addName desc n | desc == n || null desc = "[" ++ n ++ "]" | otherwise = desc ++ " [" ++ n ++ "]" +byUUID :: UUID -> Annex (Maybe Remote) +byUUID u = headMaybe . filter matching <$> remoteList + where + matching r = uuid r == u + {- When a name is specified, looks up the remote matching that name. - (Or it can be a UUID.) - diff --git a/Remote/Bup.hs b/Remote/Bup.hs index a481504a0..eda1950d3 100644 --- a/Remote/Bup.hs +++ b/Remote/Bup.hs @@ -90,8 +90,8 @@ gen r u c gc = do { chunkConfig = NoChunks } -bupSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -bupSetup mu _ c = do +bupSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +bupSetup mu _ c _ = do u <- maybe (liftIO genUUID) return mu -- verify configuration is sane diff --git a/Remote/Ddar.hs b/Remote/Ddar.hs index 8758949c9..3d0ad53b2 100644 --- a/Remote/Ddar.hs +++ b/Remote/Ddar.hs @@ -82,8 +82,8 @@ gen r u c gc = do { chunkConfig = NoChunks } -ddarSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -ddarSetup mu _ c = do +ddarSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +ddarSetup mu _ c _ = do u <- maybe (liftIO genUUID) return mu -- verify configuration is sane diff --git a/Remote/Directory.hs b/Remote/Directory.hs index 190008078..d7c5696a9 100644 --- a/Remote/Directory.hs +++ b/Remote/Directory.hs @@ -77,8 +77,8 @@ gen r u c gc = do where dir = fromMaybe (error "missing directory") $ remoteAnnexDirectory gc -directorySetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -directorySetup mu _ c = do +directorySetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +directorySetup mu _ c _ = do u <- maybe (liftIO genUUID) return mu -- verify configuration is sane let dir = fromMaybe (error "Specify directory=") $ diff --git a/Remote/External.hs b/Remote/External.hs index 54db82d1f..04834c78f 100644 --- a/Remote/External.hs +++ b/Remote/External.hs @@ -59,7 +59,7 @@ gen r u c gc Nothing Nothing | otherwise = do - external <- newExternal externaltype u c + external <- newExternal externaltype u c gc Annex.addCleanup (RemoteCleanup u) $ stopExternal external cst <- getCost external r gc avail <- getAvailability external r gc @@ -108,8 +108,8 @@ gen r u c gc rmt externaltype = fromMaybe (error "missing externaltype") (remoteAnnexExternalType gc) -externalSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -externalSetup mu _ c = do +externalSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +externalSetup mu _ c gc = do u <- maybe (liftIO genUUID) return mu let externaltype = fromMaybe (error "Specify externaltype=") $ M.lookup "externaltype" c @@ -120,7 +120,7 @@ externalSetup mu _ c = do setConfig (remoteConfig (fromJust (M.lookup "name" c)) "readonly") (boolConfig True) return c' _ -> do - external <- newExternal externaltype u c' + external <- newExternal externaltype u c' gc handleRequest external INITREMOTE Nothing $ \resp -> case resp of INITREMOTE_SUCCESS -> Just noop INITREMOTE_FAILURE errmsg -> Just $ error errmsg @@ -246,8 +246,9 @@ handleRequest' lck external req mp responsehandler void $ liftIO $ atomically $ swapTMVar (externalConfig external) c' handleRemoteRequest (GETCREDS setting) = do c <- liftIO $ atomically $ readTMVar $ externalConfig external + gc <- liftIO $ atomically $ readTMVar $ externalGitConfig external creds <- fromMaybe ("", "") <$> - getRemoteCredPair c (credstorage setting) + getRemoteCredPair c gc (credstorage setting) send $ CREDS (fst creds) (snd creds) handleRemoteRequest GETUUID = send $ VALUE $ fromUUID $ externalUUID external diff --git a/Remote/External/Types.hs b/Remote/External/Types.hs index 2ce498341..66a285535 100644 --- a/Remote/External/Types.hs +++ b/Remote/External/Types.hs @@ -54,15 +54,18 @@ data External = External , externalLock :: TMVar ExternalLock -- Never left empty. , externalConfig :: TMVar RemoteConfig + -- Never left empty. + , externalGitConfig :: TMVar RemoteGitConfig } -newExternal :: ExternalType -> UUID -> RemoteConfig -> Annex External -newExternal externaltype u c = liftIO $ External +newExternal :: ExternalType -> UUID -> RemoteConfig -> RemoteGitConfig -> Annex External +newExternal externaltype u c gc = liftIO $ External <$> pure externaltype <*> pure u <*> atomically newEmptyTMVar <*> atomically (newTMVar ExternalLock) <*> atomically (newTMVar c) + <*> atomically (newTMVar gc) type ExternalType = String diff --git a/Remote/GCrypt.hs b/Remote/GCrypt.hs index 38b85d91b..c35f17920 100644 --- a/Remote/GCrypt.hs +++ b/Remote/GCrypt.hs @@ -169,8 +169,8 @@ noCrypto = error "cannot use gcrypt remote without encryption enabled" unsupportedUrl :: a unsupportedUrl = error "using non-ssh remote repo url with gcrypt is not supported" -gCryptSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -gCryptSetup mu _ c = go $ M.lookup "gitrepo" c +gCryptSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +gCryptSetup mu _ c _ = go $ M.lookup "gitrepo" c where remotename = fromJust (M.lookup "name" c) go Nothing = error "Specify gitrepo=" diff --git a/Remote/Git.hs b/Remote/Git.hs index 627a6066b..0528f9f88 100644 --- a/Remote/Git.hs +++ b/Remote/Git.hs @@ -93,8 +93,8 @@ list autoinit = do - No attempt is made to make the remote be accessible via ssh key setup, - etc. -} -gitSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -gitSetup Nothing _ c = do +gitSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +gitSetup Nothing _ c _ = do let location = fromMaybe (error "Specify location=url") $ Url.parseURIRelaxed =<< M.lookup "location" c g <- Annex.gitRepo @@ -103,7 +103,7 @@ gitSetup Nothing _ c = do [] -> error "could not find existing git remote with specified location" _ -> error "found multiple git remotes with specified location" return (c, u) -gitSetup (Just u) _ c = do +gitSetup (Just u) _ c _ = do inRepo $ Git.Command.run [ Param "remote" , Param "add" diff --git a/Remote/Glacier.hs b/Remote/Glacier.hs index 6ba36ccd2..800b16875 100644 --- a/Remote/Glacier.hs +++ b/Remote/Glacier.hs @@ -78,17 +78,17 @@ gen r u c gc = new <$> remoteCost gc veryExpensiveRemoteCost { chunkConfig = NoChunks } -glacierSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -glacierSetup mu mcreds c = do +glacierSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +glacierSetup mu mcreds c gc = do u <- maybe (liftIO genUUID) return mu - glacierSetup' (isJust mu) u mcreds c -glacierSetup' :: Bool -> UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -glacierSetup' enabling u mcreds c = do + glacierSetup' (isJust mu) u mcreds c gc +glacierSetup' :: Bool -> UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +glacierSetup' enabling u mcreds c gc = do (c', encsetup) <- encryptionSetup c c'' <- setRemoteCredPair encsetup c' (AWS.creds u) mcreds let fullconfig = c'' `M.union` defaults unless enabling $ - genVault fullconfig u + genVault fullconfig gc u gitConfigSpecialRemote u fullconfig "glacier" "true" return (fullconfig, u) where @@ -110,9 +110,10 @@ nonEmpty k | otherwise = return True store :: Remote -> Key -> L.ByteString -> MeterUpdate -> Annex Bool -store r k b p = go =<< glacierEnv c u +store r k b p = go =<< glacierEnv c gc u where c = config r + gc = gitconfig r u = uuid r params = glacierParams c [ Param "archive" @@ -133,9 +134,10 @@ prepareRetrieve :: Remote -> Preparer Retriever prepareRetrieve = simplyPrepare . byteRetriever . retrieve retrieve :: Remote -> Key -> (L.ByteString -> Annex Bool) -> Annex Bool -retrieve r k sink = go =<< glacierEnv c u +retrieve r k sink = go =<< glacierEnv c gc u where c = config r + gc = gitconfig r u = uuid r params = glacierParams c [ Param "archive" @@ -178,7 +180,7 @@ remove r k = glacierAction r checkKey :: Remote -> CheckPresent checkKey r k = do showChecking r - go =<< glacierEnv (config r) (uuid r) + go =<< glacierEnv (config r) (gitconfig r) (uuid r) where go Nothing = error "cannot check glacier" go (Just e) = do @@ -207,10 +209,10 @@ checkKey r k = do ] glacierAction :: Remote -> [CommandParam] -> Annex Bool -glacierAction r = runGlacier (config r) (uuid r) +glacierAction r = runGlacier (config r) (gitconfig r) (uuid r) -runGlacier :: RemoteConfig -> UUID -> [CommandParam] -> Annex Bool -runGlacier c u params = go =<< glacierEnv c u +runGlacier :: RemoteConfig -> RemoteGitConfig -> UUID -> [CommandParam] -> Annex Bool +runGlacier c gc u params = go =<< glacierEnv c gc u where go Nothing = return False go (Just e) = liftIO $ @@ -223,10 +225,10 @@ glacierParams c params = datacenter:params fromMaybe (error "Missing datacenter configuration") (M.lookup "datacenter" c) -glacierEnv :: RemoteConfig -> UUID -> Annex (Maybe [(String, String)]) -glacierEnv c u = do +glacierEnv :: RemoteConfig -> RemoteGitConfig -> UUID -> Annex (Maybe [(String, String)]) +glacierEnv c gc u = do liftIO checkSaneGlacierCommand - go =<< getRemoteCredPairFor "glacier" c creds + go =<< getRemoteCredPairFor "glacier" c gc creds where go Nothing = return Nothing go (Just (user, pass)) = do @@ -245,8 +247,8 @@ archive r k = fileprefix ++ key2file k where fileprefix = M.findWithDefault "" "fileprefix" $ config r -genVault :: RemoteConfig -> UUID -> Annex () -genVault c u = unlessM (runGlacier c u params) $ +genVault :: RemoteConfig -> RemoteGitConfig -> UUID -> Annex () +genVault c gc u = unlessM (runGlacier c gc u params) $ error "Failed creating glacier vault." where params = @@ -266,7 +268,7 @@ genVault c u = unlessM (runGlacier c u params) $ - not supported. -} jobList :: Remote -> [Key] -> Annex ([Key], [Key]) -jobList r keys = go =<< glacierEnv (config r) (uuid r) +jobList r keys = go =<< glacierEnv (config r) (gitconfig r) (uuid r) where params = [ Param "job", Param "list" ] nada = ([], []) diff --git a/Remote/Helper/Special.hs b/Remote/Helper/Special.hs index cf0524dc4..48cf09867 100644 --- a/Remote/Helper/Special.hs +++ b/Remote/Helper/Special.hs @@ -178,8 +178,6 @@ specialRemote' cfg c preparestorer prepareretriever prepareremover preparecheckp } cip = cipherKey c isencrypted = isJust (extractCipher c) - gpgencopts = getGpgEncParams encr - gpgdecopts = getGpgDecParams encr safely a = catchNonAsync a (\e -> warning (show e) >> return False) @@ -201,7 +199,7 @@ specialRemote' cfg c preparestorer prepareretriever prepareremover preparecheckp storechunk (Just (cipher, enck)) storer k content p = do cmd <- gpgCmd <$> Annex.getGitConfig withBytes content $ \b -> - encrypt cmd gpgencopts cipher (feedBytes b) $ + encrypt cmd encr cipher (feedBytes b) $ readBytes $ \encb -> storer (enck k) (ByteContent encb) p @@ -211,7 +209,7 @@ specialRemote' cfg c preparestorer prepareretriever prepareremover preparecheckp where go (Just retriever) = displayprogress p k $ \p' -> retrieveChunks retriever (uuid baser) chunkconfig - enck k dest p' (sink dest enc gpgdecopts) + enck k dest p' (sink dest enc encr) go Nothing = return False enck = maybe id snd enc @@ -244,26 +242,27 @@ specialRemote' cfg c preparestorer prepareretriever prepareremover preparecheckp - into place. (And it may even already be in the right place..) -} sink - :: FilePath + :: LensGpgEncParams c + => FilePath -> Maybe (Cipher, EncKey) - -> [CommandParam] + -> c -> Maybe Handle -> Maybe MeterUpdate -> ContentSource -> Annex Bool -sink dest enc gpgdecopts mh mp content = do +sink dest enc c mh mp content = do case (enc, mh, content) of (Nothing, Nothing, FileContent f) | f == dest -> noop | otherwise -> liftIO $ moveFile f dest (Just (cipher, _), _, ByteContent b) -> do cmd <- gpgCmd <$> Annex.getGitConfig - decrypt cmd gpgdecopts cipher (feedBytes b) $ + decrypt cmd c cipher (feedBytes b) $ readBytes write (Just (cipher, _), _, FileContent f) -> do cmd <- gpgCmd <$> Annex.getGitConfig withBytes content $ \b -> - decrypt cmd gpgdecopts cipher (feedBytes b) $ + decrypt cmd c cipher (feedBytes b) $ readBytes write liftIO $ nukeFile f (Nothing, _, FileContent f) -> do diff --git a/Remote/Hook.hs b/Remote/Hook.hs index fb5afcadb..20f5e5164 100644 --- a/Remote/Hook.hs +++ b/Remote/Hook.hs @@ -70,8 +70,8 @@ gen r u c gc = do where hooktype = fromMaybe (error "missing hooktype") $ remoteAnnexHookType gc -hookSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -hookSetup mu _ c = do +hookSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +hookSetup mu _ c _ = do u <- maybe (liftIO genUUID) return mu let hooktype = fromMaybe (error "Specify hooktype=") $ M.lookup "hooktype" c diff --git a/Remote/Rsync.hs b/Remote/Rsync.hs index a0e30c7f7..28709bdab 100644 --- a/Remote/Rsync.hs +++ b/Remote/Rsync.hs @@ -137,8 +137,8 @@ rsyncTransport gc url loginopt = maybe [] (\l -> ["-l",l]) login fromNull as xs = if null xs then as else xs -rsyncSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -rsyncSetup mu _ c = do +rsyncSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +rsyncSetup mu _ c _ = do u <- maybe (liftIO genUUID) return mu -- verify configuration is sane let url = fromMaybe (error "Specify rsyncurl=") $ diff --git a/Remote/S3.hs b/Remote/S3.hs index 1635d22bb..cf662c3d1 100644 --- a/Remote/S3.hs +++ b/Remote/S3.hs @@ -99,12 +99,14 @@ gen r u c gc = do , checkUrl = Nothing } -s3Setup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -s3Setup mu mcreds c = do +s3Setup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +s3Setup mu mcreds c gc = do u <- maybe (liftIO genUUID) return mu - s3Setup' (isNothing mu) u mcreds c -s3Setup' :: Bool -> UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -s3Setup' new u mcreds c = if configIA c then archiveorg else defaulthost + s3Setup' (isNothing mu) u mcreds c gc +s3Setup' :: Bool -> UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +s3Setup' new u mcreds c gc + | configIA c = archiveorg + | otherwise = defaulthost where remotename = fromJust (M.lookup "name" c) defbucket = remotename ++ "-" ++ fromUUID u @@ -125,7 +127,7 @@ s3Setup' new u mcreds c = if configIA c then archiveorg else defaulthost c'' <- setRemoteCredPair encsetup c' (AWS.creds u) mcreds let fullconfig = c'' `M.union` defaults when new $ - genBucket fullconfig u + genBucket fullconfig gc u use fullconfig archiveorg = do @@ -146,7 +148,7 @@ s3Setup' new u mcreds c = if configIA c then archiveorg else defaulthost -- special constraints on key names M.insert "mungekeys" "ia" defaults info <- extractS3Info archiveconfig - withS3Handle archiveconfig u $ + withS3Handle archiveconfig gc u $ writeUUIDFile archiveconfig u info use archiveconfig @@ -154,12 +156,12 @@ s3Setup' new u mcreds c = if configIA c then archiveorg else defaulthost -- http connections to be reused across calls to the helper. prepareS3Handle :: Remote -> (S3Handle -> helper) -> Preparer helper prepareS3Handle r = resourcePrepare $ const $ - withS3Handle (config r) (uuid r) + withS3Handle (config r) (gitconfig r) (uuid r) -- Allows for read-only actions, which can be run without a S3Handle. prepareS3HandleMaybe :: Remote -> (Maybe S3Handle -> helper) -> Preparer helper prepareS3HandleMaybe r = resourcePrepare $ const $ - withS3HandleMaybe (config r) (uuid r) + withS3HandleMaybe (config r) (gitconfig r) (uuid r) store :: Remote -> S3Info -> S3Handle -> Storer store _r info h = fileStorer $ \k f p -> do @@ -311,11 +313,11 @@ checkKey r info Nothing k = case getpublicurl info of - so first check if the UUID file already exists and we can skip doing - anything. -} -genBucket :: RemoteConfig -> UUID -> Annex () -genBucket c u = do +genBucket :: RemoteConfig -> RemoteGitConfig -> UUID -> Annex () +genBucket c gc u = do showAction "checking bucket" info <- extractS3Info c - withS3Handle c u $ \h -> + withS3Handle c gc u $ \h -> go info h =<< checkUUIDFile c u info h where go _ _ (Right True) = noop @@ -408,16 +410,16 @@ sendS3Handle' -> ResourceT IO a sendS3Handle' h r = AWS.pureAws (hawscfg h) (hs3cfg h) (hmanager h) r -withS3Handle :: RemoteConfig -> UUID -> (S3Handle -> Annex a) -> Annex a -withS3Handle c u a = withS3HandleMaybe c u $ \mh -> case mh of +withS3Handle :: RemoteConfig -> RemoteGitConfig -> UUID -> (S3Handle -> Annex a) -> Annex a +withS3Handle c gc u a = withS3HandleMaybe c gc u $ \mh -> case mh of Just h -> a h Nothing -> do warnMissingCredPairFor "S3" (AWS.creds u) error "No S3 credentials configured" -withS3HandleMaybe :: RemoteConfig -> UUID -> (Maybe S3Handle -> Annex a) -> Annex a -withS3HandleMaybe c u a = do - mcreds <- getRemoteCredPair c (AWS.creds u) +withS3HandleMaybe :: RemoteConfig -> RemoteGitConfig -> UUID -> (Maybe S3Handle -> Annex a) -> Annex a +withS3HandleMaybe c gc u a = do + mcreds <- getRemoteCredPair c gc (AWS.creds u) case mcreds of Just creds -> do awscreds <- liftIO $ genCredentials creds diff --git a/Remote/Tahoe.hs b/Remote/Tahoe.hs index aff1aaee0..05b120d46 100644 --- a/Remote/Tahoe.hs +++ b/Remote/Tahoe.hs @@ -91,8 +91,8 @@ gen r u c gc = do , checkUrl = Nothing } -tahoeSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -tahoeSetup mu _ c = do +tahoeSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +tahoeSetup mu _ c _ = do furl <- fromMaybe (fromMaybe missingfurl $ M.lookup furlk c) <$> liftIO (getEnv "TAHOE_FURL") u <- maybe (liftIO genUUID) return mu diff --git a/Remote/WebDAV.hs b/Remote/WebDAV.hs index a135be466..08b1a5496 100644 --- a/Remote/WebDAV.hs +++ b/Remote/WebDAV.hs @@ -81,14 +81,14 @@ gen r u c gc = new <$> remoteCost gc expensiveRemoteCost } chunkconfig = getChunkConfig c -webdavSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> Annex (RemoteConfig, UUID) -webdavSetup mu mcreds c = do +webdavSetup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> Annex (RemoteConfig, UUID) +webdavSetup mu mcreds c gc = do u <- maybe (liftIO genUUID) return mu url <- case M.lookup "url" c of Nothing -> error "Specify url=" Just url -> return url (c', encsetup) <- encryptionSetup c - creds <- maybe (getCreds c' u) (return . Just) mcreds + creds <- maybe (getCreds c' gc u) (return . Just) mcreds testDav url creds gitConfigSpecialRemote u c' "webdav" "true" c'' <- setRemoteCredPair encsetup c' (davCreds u) creds @@ -234,8 +234,8 @@ mkColRecursive d = go =<< existsDAV d inLocation d mkCol ) -getCreds :: RemoteConfig -> UUID -> Annex (Maybe CredPair) -getCreds c u = getRemoteCredPairFor "webdav" c (davCreds u) +getCreds :: RemoteConfig -> RemoteGitConfig -> UUID -> Annex (Maybe CredPair) +getCreds c gc u = getRemoteCredPairFor "webdav" c gc (davCreds u) davCreds :: UUID -> CredPairStorage davCreds u = CredPairStorage @@ -291,7 +291,7 @@ data DavHandle = DavHandle DAVContext DavUser DavPass URLString withDAVHandle :: Remote -> (Maybe DavHandle -> Annex a) -> Annex a withDAVHandle r a = do - mcreds <- getCreds (config r) (uuid r) + mcreds <- getCreds (config r) (gitconfig r) (uuid r) case (mcreds, configUrl r) of (Just (user, pass), Just baseurl) -> withDAVContext baseurl $ \ctx -> diff --git a/Types/Remote.hs b/Types/Remote.hs index a39324163..dd4c7d2e5 100644 --- a/Types/Remote.hs +++ b/Types/Remote.hs @@ -50,7 +50,7 @@ data RemoteTypeA a = RemoteType { -- generates a remote of this type generate :: Git.Repo -> UUID -> RemoteConfig -> RemoteGitConfig -> a (Maybe (RemoteA a)), -- initializes or changes a remote - setup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> a (RemoteConfig, UUID) + setup :: Maybe UUID -> Maybe CredPair -> RemoteConfig -> RemoteGitConfig -> a (RemoteConfig, UUID) } instance Eq (RemoteTypeA a) where diff --git a/debian/changelog b/debian/changelog index 1c520cf5c..f5e8b0073 100644 --- a/debian/changelog +++ b/debian/changelog @@ -20,6 +20,8 @@ git-annex (6.20160512) UNRELEASED; urgency=medium * Fix crash when entering/changing view in a subdirectory of a repo that has a dotfile in its root. * Support building with ghc 8.0.1. + * Pass the various gnupg-options configs to gpg in several cases where + they were not before. -- Joey Hess <id@joeyh.name> Wed, 11 May 2016 16:08:38 -0400 |