summaryrefslogtreecommitdiff
path: root/doc/upgrades/insecure_embedded_creds.mdwn
Commit message (Collapse)AuthorAge
* error, don't warn about insecure credsGravatar Joey Hess2014-09-18
| | | | | | | | | | A one-time warning was not good enough. A hard error will force the user to notice the problem. Perhaps worth noting that git-annex enableremote already failed with an error, and nobody reported a bug. Suggests that not many people have used the insecure configuration, or if they did, they went to the bother to embedcreds, but never re-enabled the special remote.
* git history is hard to kill, make sure it's clearGravatar anarcat2014-09-18
|
* numberGravatar Joey Hess2014-09-18
|
* deal with old repositories with non-encrypted credsGravatar Joey Hess2014-09-18
See 2fb7ad68637cc4e1092f835055a974f141808ca0 for backstory about how a repo could be in this state. When decryption fails, the repo must be using non-encrypted creds. Note that creds are encrypted/decrypted using the encryption cipher which is stored in the repo, so the decryption cannot fail due to missing gpg keys etc. (For !shared encryptiom, the cipher is iteself encrypted using some gpg key(s), and the decryption of the cipher happens earlier, so not affected by this change. Print a warning message for !shared repos, and continue on using the cipher. Wrote a page explaining what users hit by this bug should do. This commit was sponsored by Samuel Tardieu.