summaryrefslogtreecommitdiff
path: root/Remote/Helper/Encryptable.hs
diff options
context:
space:
mode:
authorGravatar Joey Hess <joey@kitenet.net>2014-08-12 15:35:29 -0400
committerGravatar Joey Hess <joey@kitenet.net>2014-08-12 15:35:29 -0400
commitcc54ff9e49260cd94f938e69e926a273e231ef4e (patch)
tree18bac6a6b81d29d36999c2ae0f5f58156941671b /Remote/Helper/Encryptable.hs
parent5e8092f5ef4e835cce437954c8313079f0df0baa (diff)
S3, Glacier, WebDAV: Fix bug that prevented accessing the creds when the repository was configured with encryption=shared embedcreds=yes.
Since encryption=shared, the encryption key is stored in the git repo, so there is no point at all in encrypting the creds, also stored in the git repo with that key. So `initremote` doesn't. The creds are simply stored base-64 encoded. However, it then tried to always decrypt creds when encryption was used..
Diffstat (limited to 'Remote/Helper/Encryptable.hs')
-rw-r--r--Remote/Helper/Encryptable.hs9
1 files changed, 6 insertions, 3 deletions
diff --git a/Remote/Helper/Encryptable.hs b/Remote/Helper/Encryptable.hs
index dd032ce33..69216a793 100644
--- a/Remote/Helper/Encryptable.hs
+++ b/Remote/Helper/Encryptable.hs
@@ -71,18 +71,21 @@ encryptionSetup c = maybe genCipher updateCipher $ extractCipher c
{- Gets encryption Cipher. The decrypted Ciphers are cached in the Annex
- state. -}
remoteCipher :: RemoteConfig -> Annex (Maybe Cipher)
-remoteCipher c = go $ extractCipher c
+remoteCipher = fmap fst <$$> remoteCipher'
+
+remoteCipher' :: RemoteConfig -> Annex (Maybe (Cipher, StorableCipher))
+remoteCipher' c = go $ extractCipher c
where
go Nothing = return Nothing
go (Just encipher) = do
cache <- Annex.getState Annex.ciphers
case M.lookup encipher cache of
- Just cipher -> return $ Just cipher
+ Just cipher -> return $ Just (cipher, encipher)
Nothing -> do
showNote "gpg"
cipher <- liftIO $ decryptCipher encipher
Annex.changeState (\s -> s { Annex.ciphers = M.insert encipher cipher cache })
- return $ Just cipher
+ return $ Just (cipher, encipher)
{- Checks if the remote's config allows storing creds in the remote's config.
-