diff options
| author |  Joey Hess <joey@kitenet.net> | 2013-09-07 18:38:00 -0400 |
|---|---|---|
| committer | Joey Hess <joey@kitenet.net> | 2013-09-07 18:38:00 -0400 |
| commit | eb259a74840fc7e4769a3ba3384b635b3b4ef5be (patch) | |
| tree | 3a4df1961af9e3e4b6c58efef1a99885e0a375ca /Git/GCrypt.hs | |
| parent | 98ae5c42b47c7acf47d8436fcd061b1fbc0d9796 (diff) | |
partially complete gcrypt remote (local send done; rest not)
This is a git-remote-gcrypt encrypted special remote. Only sending files
in to the remote works, and only for local repositories.
Most of the work so far has involved making initremote work. A particular
problem is that remote setup in this case needs to generate its own uuid,
derivied from the gcrypt-id. That required some larger changes in the code
to support.
For ssh remotes, this will probably just reuse Remote.Rsync's code, so
should be easy enough. And for downloading from a web remote, I will need
to factor out the part of Remote.Git that does that.
One particular thing that will need work is supporting hot-swapping a local
gcrypt remote. I think it needs to store the gcrypt-id in the git config of the
local remote, so that it can check it every time, and compare with the
cached annex-uuid for the remote. If there is a mismatch, it can change
both the cached annex-uuid and the gcrypt-id. That should work, and I laid
some groundwork for it by already reading the remote's config when it's
local. (Also needed for other reasons.)
This commit was sponsored by Daniel Callahan.
Diffstat (limited to 'Git/GCrypt.hs')
| -rw-r--r-- | Git/GCrypt.hs | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/Git/GCrypt.hs b/Git/GCrypt.hs index e22bd74a2..18d8fa771 100644 --- a/Git/GCrypt.hs +++ b/Git/GCrypt.hs @@ -44,23 +44,25 @@ encryptedRepo baserepo = go go _ = notencrypted notencrypted = error "not a gcrypt encrypted repository" +type RemoteName = String + {- gcrypt gives each encrypted repository a uique gcrypt-id, - which is stored in the repository (in encrypted form) - and cached in a per-remote gcrypt-id configuration setting. -} -remoteRepoId :: Repo -> Repo -> Maybe String +remoteRepoId :: Repo -> Maybe RemoteName -> Maybe String remoteRepoId = getRemoteConfig "gcrypt-id" -getRemoteConfig :: String -> Repo -> Repo -> Maybe String -getRemoteConfig field baserepo remote = do - name <- remoteName remote - Config.getMaybe (remoteConfigKey field name) baserepo +getRemoteConfig :: String -> Repo -> Maybe RemoteName -> Maybe String +getRemoteConfig field repo remotename = do + n <- remotename + Config.getMaybe (remoteConfigKey field n) repo {- Gpg keys that the remote is encrypted for. - If empty, gcrypt uses --default-recipient-self -} -particiantList :: Maybe Repo -> Repo -> Repo -> KeyIds -particiantList globalconfigrepo baserepo remote = KeyIds $ parse $ firstJust - [ getRemoteConfig "participants" baserepo remote - , Config.getMaybe defaultkey baserepo +getParticiantList :: Maybe Repo -> Repo -> Maybe RemoteName -> KeyIds +getParticiantList globalconfigrepo repo remotename = KeyIds $ parse $ firstJust + [ getRemoteConfig "gcrypt-participants" repo remotename + , Config.getMaybe defaultkey repo , Config.getMaybe defaultkey =<< globalconfigrepo ] where @@ -69,5 +71,8 @@ particiantList globalconfigrepo baserepo remote = KeyIds $ parse $ firstJust parse (Just l) = words l parse Nothing = [] -remoteConfigKey :: String -> String -> String -remoteConfigKey key field = "remote." ++ field ++ "." ++ key +remoteParticipantConfigKey :: RemoteName -> String +remoteParticipantConfigKey = remoteConfigKey "gcrypt-participants" + +remoteConfigKey :: String -> RemoteName -> String +remoteConfigKey key remotename = "remote." ++ remotename ++ "." ++ key |