diff options
author | Joey Hess <joeyh@joeyh.name> | 2017-05-24 14:08:02 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-05-24 14:08:02 -0400 |
commit | da79965be64f26c5038b415cf90d28b9926f3e54 (patch) | |
tree | 04c4648d7f3e149f512331f0cfbc4fdf7ccb8e6b | |
parent | 8d2aea082e5a7981238bb6068ae5a2624e16028c (diff) |
initremote, enableremote: Support gpg subkeys suffixed with an exclamation mark, which forces gpg to use a specific subkey.
This commit was sponsored by Peter Hogg on Patreon.
-rw-r--r-- | CHANGELOG | 7 | ||||
-rw-r--r-- | Utility/Gpg.hs | 6 | ||||
-rw-r--r-- | doc/encryption/comment_10_6416ee43ffad1c306ef71247ae71a6c5._comment | 17 |
3 files changed, 29 insertions, 1 deletions
@@ -1,3 +1,10 @@ +git-annex (6.20170520) UNRELEASED; urgency=medium + + * initremote, enableremote: Support gpg subkeys suffixed with an + exclamation mark, which forces gpg to use a specific subkey. + + -- Joey Hess <id@joeyh.name> Wed, 24 May 2017 14:03:40 -0400 + git-annex (6.20170519) unstable; urgency=medium * Ssh password prompting improved when using -J for concurrency. diff --git a/Utility/Gpg.hs b/Utility/Gpg.hs index 336711b3f..c20be754f 100644 --- a/Utility/Gpg.hs +++ b/Utility/Gpg.hs @@ -157,7 +157,11 @@ pipeLazy (GpgCmd cmd) params feeder reader = do - a key id, or a name; See the section 'HOW TO SPECIFY A USER ID' of - GnuPG's manpage.) -} findPubKeys :: GpgCmd -> String -> IO KeyIds -findPubKeys cmd for = KeyIds . parse . lines <$> readStrict cmd params +findPubKeys cmd for + -- "subkey!" tells gpg to force use of a specific subkey, + -- so pass it through as-is rather than looking up the master key. + | "!" `isSuffixOf` for = return $ KeyIds [for] + | otherwise = KeyIds . parse . lines <$> readStrict cmd params where params = [Param "--with-colons", Param "--list-public-keys", Param for] parse = mapMaybe (keyIdField . splitc ':') diff --git a/doc/encryption/comment_10_6416ee43ffad1c306ef71247ae71a6c5._comment b/doc/encryption/comment_10_6416ee43ffad1c306ef71247ae71a6c5._comment new file mode 100644 index 000000000..ae2fb88a4 --- /dev/null +++ b/doc/encryption/comment_10_6416ee43ffad1c306ef71247ae71a6c5._comment @@ -0,0 +1,17 @@ +[[!comment format=mdwn + username="joey" + subject="""comment 10""" + date="2017-05-24T17:47:46Z" + content=""" +@Yurt, git-annex will let you specify the gpg key id using anything that gpg +accepts, including a keyid with a appended '!'. However, when I tried that, +gpg seemed to still pick the master key instead of the subkey. That +happens because git-annex runs the input through `gpg --list-public-keys` +(in order to convert eg, email addresses to key ids) +which always lists the master key even when given a subkey. + +I made a small change to git-annex to special case this '!' suffix +behavior. Seems to work in my very limited testing. + +Please file bug reports about this kind of thing! +"""]] |