path: root/Utility/Gpg.hs
Commit message (Author, Age)
* relicense Utility/GPG.hs BSD as the rest of Utility is (Joey Hess, 2017-03-10)
  The COPYRIGHT had Utility/DirWatcher* listed as GPL, but they were actually BSD licensed. No idea why I put the GPL on Utility/GPG.hs file originally. I wrote all of it, except for guilhem's small changes to it in a7f50205bb1ccd41d4a9ab4e11d984e643be755f, which seem too small to be independently copyrightable. I'm relicencing it BSD.
* Some optimisations to string splitting code. (Joey Hess, 2017-01-31)
  Turns out that Data.List.Utils.split is slow and makes a lot of allocations. Here's a much simpler single character splitter that behaves the same (even in wacky corner cases) while running in half the time and 75% the allocations. As well as being an optimisation, this helps move toward eliminating use of missingh. (Data.List.Split.splitOn is nearly as slow as Data.List.Utils.split and allocates even more.) I have not benchmarked the effect on git-annex, but would not be surprised to see some parsing of eg, large streams from git commands run twice as fast, and possibly in less memory. This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
* Avoid backtraces on expected failures when built with ghc 8; only use backtraces for unexpected errors. (Joey Hess, 2016-11-15)
  ghc 8 added backtraces on uncaught errors. This is great, but git-annex was using error in many places for an error message targeted at the user, in some known problem case. A backtrace only confuses such a message, so omit it. Notably, commands like git annex drop that failed due to eg, numcopies, used to use error, so had a backtrace. This commit was sponsored by Ethan Aubin.
* test: Deal with gpg-agent behavior change that broke the test suite. (Joey Hess, 2016-10-18)
  gpg-agent started deleting its socket file on shutdown, and this tickled an ugly behavior in removeDirectoryRecursive, https://github.com/haskell/directory/issues/60 Running removeDirectoryRecursive again on exception avoids the problem.
* Improve gpg secret key list parser to deal with changes in gpg 2.1.15. Fixes key name display in webapp. (Joey Hess, 2016-09-14)
  gpg 2.1.15 (or so) seems to have added some new fields to the --with-colons --list-secret-keys output. These include "fpr" and "grp", and come before the "uid" line. So, the parser was giving up before it saw the name. Fix by continuing to look for the uid line until the next "sec" line. This commit was sponsored by Ole-Morten,Duesund on Patreon.
* support gpg.program (Joey Hess, 2015-09-09)
  When gpg.program is configured, it's used to get the command to run for gpg. Useful on systems that have only a gpg2 command or want to use it instead of the gpg command.
* two more breakages introduced when removing the Params constructor (Joey Hess, 2015-06-03)
* remove Params constructor from Utility.SafeCommand (Joey Hess, 2015-06-01)
  This removes a bit of complexity, and should make things faster (avoids tokenizing Params string), and probably involve less garbage collection. In a few places, it was useful to use Params to avoid needing a list, but that is easily avoided.
  Problems noticed while doing this conversion:
    * Some uses of Params "oneword" which was entirely unnecessary overhead.
    * A few places that built up a list of parameters with ++ and then used Params to split it!
  Test suite passes.
* rejigger imports for clean build with ghc 7.10's AMP changes (Joey Hess, 2015-05-10)
  The explicit import Prelude after import Control.Applicative is a trick to avoid a warning.
* WIP on making --quiet silence progress, and infra for concurrent progress bars (Joey Hess, 2015-04-03)
* rename bothHandles -> ioHandles (Joey Hess, 2015-04-03)
* update my email address and homepage url (Joey Hess, 2015-01-21)
* Fix build with process 1.2.1.0. (Joey Hess, 2015-01-04)
* Use haskell setenv library to clean up several ugly workarounds for inability to manipulate the environment on windows. (Joey Hess, 2014-10-15)
  Didn't know that this library existed! This includes making git-annex not re-exec itself on start on windows, and making the test suite on Windows run tests without forking.
* fix some mixed space+tab indentation (Joey Hess, 2014-10-09)
  This fixes all instances of " \t" in the code base. Most common case seems to be after a "where" line; probably vim copied the two space layout of that line. Done as a background task while listening to episode 2 of the Type Theory podcast.
* Windows: Avoid crashing trying to list gpg secret keys, for gcrypt which is not yet supported on Windows. (Joey Hess, 2014-09-16)
* fix windows build (Joey Hess, 2014-08-10)
* unify exception handling into Utility.Exception (Joey Hess, 2014-08-07)
  Removed old extensible-exceptions, only needed for very old ghc. Made webdav use Utility.Exception, to work after some changes in DAV's exception handling. Removed Annex.Exception. Mostly this was trivial, but note that tryAnnex is replaced with tryNonAsync and catchAnnex replaced with catchNonAsync. In theory that could be a behavior change, since the former caught all exceptions, and the latter don't catch async exceptions. However, in practice, nothing in the Annex monad uses async exceptions. Grepping for throwTo and killThread only find stuff in the assistant, which does not seem related. Command.Add.undo is changed to accept a SomeException, and things that use it for rollback now catch non-async exceptions, rather than only IOExceptions.
* lift types from IO to Annex (Joey Hess, 2014-07-29)
  Some remotes like External need to run store and retrieve actions in Annex, not IO. In order to do that lift, I had to dive pretty deep into the utilities, making Utility.Gpg and Utility.Tmp be partly converted to using MonadIO, and Control.Monad.Catch for exception handling. There should be no behavior changes in this commit. This commit was sponsored by Michael Barabanov.
* hlint (Joey Hess, 2014-04-26)
* work around a strange change in gpg behavior; needs a trustdb to exist even when using --trust-model=always (Joey Hess, 2014-01-07)
* remove *>=> and >=*> ; use <$$> instead (Joey Hess, 2013-09-27)
  I forgot I had <$$> hidden away in Utility.Applicative. It allows doing the same kind of currying as does >=*> and I found using it made the code more readable for me. (*>=> was not used)
* webapp gpg key generation (Joey Hess, 2013-09-17)
  Now the webapp can generate a gpg key that is dedicated for use by git-annex. Since the key is single use, much of the complexity of generating gpg keys is avoided. Note that the key has no password, because gpg-agent is not available everywhere the assistant is installed. This is not a big security problem because the key is going to live on the same disk as the git annex repository, so an attacker with access to it can look directly in the repository to see the same files that get stored in the encrypted repository on the removable drive. There is no provision yet for backing up keys. This commit sponsored by Robert Beaty.
* gpg secret key generation (Joey Hess, 2013-09-16)
* gpg secret keys list parsing (Joey Hess, 2013-09-16)
  Note that Utility.Format.prop_idempotent_deencode does not hold now that hex escaped characters are supported. quickcheck fails to notice this, so I have left it as-is for now.
* fix comment (Joey Hess, 2013-09-07)
* gpg: Force --no-textmode in case the user has it turned on in config. (Joey Hess, 2013-09-07)
* fix windows build (Joey Hess, 2013-09-06)
* Leverage an ambiguities between Ciphers (guilhem, 2013-09-05)
  Cipher is now a datatype
      data Cipher = Cipher String | MacOnlyCipher String
  which makes more precise its interpretation MAC-only vs. MAC + used to derive a key for symmetric crypto.
* keep Utility.Gpg free of dependencies on git-annex (Joey Hess, 2013-09-04)
* Allow public-key encryption of file content. (guilhem, 2013-09-03)
  With the initremote parameters "encryption=pubkey keyid=788A3F4C".

  /!\ Adding or removing a key has NO effect on files that have already been copied to the remote. Hence using keyid+= and keyid-= with such remotes should be used with care, and make little sense unless the point is to replace a (sub-)key by another. /!\

  Also, a test case has been added to ensure that the cipher and file contents are encrypted as specified by the chosen encryption scheme.
* Allow revocation of OpenPGP keys. (guilhem, 2013-08-29)
  /!\ It is to be noted that revoking a key does NOT necessarily prevent the owner of its private part from accessing data on the remote /!\

  The only sound use of `keyid-=` is probably to replace a (sub-)key by another, where the private part of both is owned by the same person/entity:

      git annex enableremote myremote keyid-=2512E3C7 keyid+=788A3F4C

  Reference: http://git-annex.branchable.com/bugs/Using_a_revoked_GPG_key/

  * Other change introduced by this patch:

  New keys now need to be added with option `keyid+=`, and the scheme specified (upon initremote only) with `encryption=`. The motivation for this change is to open for new schemes, e.g., strict asymmetric encryption.

      git annex initremote myremote encryption=hybrid keyid=2512E3C7
      git annex enableremote myremote keyid+=788A3F4C
* avoid more build warnings on Windows (Joey Hess, 2013-08-04)
* Windows: Added support for encrypted special remotes. (Joey Hess, 2013-08-04)
* get rid of __WINDOWS__, use mingw32_HOST_OS (Joey Hess, 2013-08-02)
  The latter is harder for me to remember, but avoids build failures in code used by the configure program.
* Allow building with gpg2. (Joey Hess, 2013-05-19)
* fix the day's Windows permissions damage (Joey Hess, 2013-05-14)
* better error message for Windows stub (Joey Hess, 2013-05-14)
* fix build (Joey Hess, 2013-05-12)
* fix permission damage (thanks, Windows) (Joey Hess, 2013-05-11)
* clean up from windows porting (Joey Hess, 2013-05-11)
* fixup #if 0 stubs to use #ifndef mingw32_HOST_OS (Joey Hess, 2013-05-10)
  That's needed in files used to build the configure program. For the other files, I'm keeping my __WINDOWS__ define, as I find that much easier to type. I may search and replace it to use the mingw32_HOST_OS thing later.
* stub out POSIX stuff (Joey Hess, 2013-05-10)
* Generate ciphers with a better entropy. (guilhem, 2013-04-06)
  Unless highRandomQuality=false (or --fast) is set, use Libgcrypt's 'GCRY_VERY_STRONG_RANDOM' level by default for cipher generation, like it's done for OpenPGP key generation. On the assistant side, the random quality is left to the old (lower) level, in order not to scare the user with an endless page load due to the blocking PRNG waiting for IO actions.
* check that gpg generated as much data as we asked for (Joey Hess, 2013-03-03)
* improve comments and variable names WRT base64 encoded encryption keys (Joey Hess, 2013-03-03)
* Deal with incompatibility in gpg2, which caused prompts for encryption passphrases rather than using the supplied --passphrase-fd. (Joey Hess, 2013-01-16)
* whitespace fixes (Joey Hess, 2012-12-13)
* finished where indentation changes (Joey Hess, 2012-12-13)
* better streaming while encrypting/decrypting (Joey Hess, 2012-11-18)
  Both the directory and webdav special remotes used to have to buffer the whole file contents before it could be decrypted, as they read from chunks. Now the chunks are streamed through gpg with no buffering.