summaryrefslogtreecommitdiff
path: root/Remote/Helper
diff options
context:
space:
mode:
authorGravatar Joey Hess <joeyh@joeyh.name>2015-03-04 11:16:03 -0400
committerGravatar Joey Hess <joeyh@joeyh.name>2015-03-04 12:54:30 -0400
commit05697fe62116181511084a2eba28c5220e8a0363 (patch)
tree6965f56f5648d6dfa6c5e7d6e31e32eb3975b073 /Remote/Helper
parent0c3570844cf60428808d01a73c808e4f7232f082 (diff)
metadata: Fix encoding problem that led to mojibake when storing metadata strings that contained both unicode characters and a space (or '!') character.
The fix is to stop using w82s, which does not properly reconstitute unicode strings. Instrad, use utf8 bytestring to get the [Word8] to base64. This passes unicode through perfectly, including any invalid filesystem encoded characters. Note that toB64 / fromB64 are also used for creds and cipher embedding. It would be unfortunate if this change broke those uses. For cipher embedding, note that ciphers can contain arbitrary bytes (should really be using ByteString.Char8 there). Testing indicated it's not safe to use the new fromB64 there; I think that characters were incorrectly combined. For credpair embedding, the username or password could contain unicode. Before, that unicode would fail to round-trip through the b64. So, I guess this is not going to break any embedded creds that worked before. This bug may have affected some creds before, and if so, this change will not fix old ones, but should fix new ones at least.
Diffstat (limited to 'Remote/Helper')
-rw-r--r--Remote/Helper/Encryptable.hs24
1 files changed, 18 insertions, 6 deletions
diff --git a/Remote/Helper/Encryptable.hs b/Remote/Helper/Encryptable.hs
index c1243a518..2c1935ba9 100644
--- a/Remote/Helper/Encryptable.hs
+++ b/Remote/Helper/Encryptable.hs
@@ -20,13 +20,14 @@ module Remote.Helper.Encryptable (
) where
import qualified Data.Map as M
+import qualified "dataenc" Codec.Binary.Base64 as B64
+import Data.Bits.Utils
import Common.Annex
import Types.Remote
import Crypto
import Types.Crypto
import qualified Annex
-import Utility.Base64
-- Used to ensure that encryption has been set up before trying to
-- eg, store creds in the remote config that would need to use the
@@ -137,9 +138,9 @@ cipherKey c = fmap make <$> remoteCipher c
{- Stores an StorableCipher in a remote's configuration. -}
storeCipher :: RemoteConfig -> StorableCipher -> RemoteConfig
-storeCipher c (SharedCipher t) = M.insert "cipher" (toB64 t) c
+storeCipher c (SharedCipher t) = M.insert "cipher" (toB64bs t) c
storeCipher c (EncryptedCipher t _ ks) =
- M.insert "cipher" (toB64 t) $ M.insert "cipherkeys" (showkeys ks) c
+ M.insert "cipher" (toB64bs t) $ M.insert "cipherkeys" (showkeys ks) c
where
showkeys (KeyIds l) = intercalate "," l
@@ -149,11 +150,11 @@ extractCipher c = case (M.lookup "cipher" c,
M.lookup "cipherkeys" c,
M.lookup "encryption" c) of
(Just t, Just ks, encryption) | maybe True (== "hybrid") encryption ->
- Just $ EncryptedCipher (fromB64 t) Hybrid (readkeys ks)
+ Just $ EncryptedCipher (fromB64bs t) Hybrid (readkeys ks)
(Just t, Just ks, Just "pubkey") ->
- Just $ EncryptedCipher (fromB64 t) PubKey (readkeys ks)
+ Just $ EncryptedCipher (fromB64bs t) PubKey (readkeys ks)
(Just t, Nothing, encryption) | maybe True (== "shared") encryption ->
- Just $ SharedCipher (fromB64 t)
+ Just $ SharedCipher (fromB64bs t)
_ -> Nothing
where
readkeys = KeyIds . split ","
@@ -169,3 +170,14 @@ describeEncryption c = case extractCipher c of
PubKey -> Nothing
Hybrid -> Just "(hybrid mode)"
]
+
+{- Not using Utility.Base64 because these "Strings" are really
+ - bags of bytes and that would convert to unicode and not roung-trip
+ - cleanly. -}
+toB64bs :: String -> String
+toB64bs = B64.encode . s2w8
+
+fromB64bs :: String -> String
+fromB64bs s = fromMaybe bad $ w82s <$> B64.decode s
+ where
+ bad = error "bad base64 encoded data"