From eb259a74840fc7e4769a3ba3384b635b3b4ef5be Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 7 Sep 2013 18:38:00 -0400 Subject: partially complete gcrypt remote (local send done; rest not) This is a git-remote-gcrypt encrypted special remote. Only sending files in to the remote works, and only for local repositories. Most of the work so far has involved making initremote work. A particular problem is that remote setup in this case needs to generate its own uuid, derivied from the gcrypt-id. That required some larger changes in the code to support. For ssh remotes, this will probably just reuse Remote.Rsync's code, so should be easy enough. And for downloading from a web remote, I will need to factor out the part of Remote.Git that does that. One particular thing that will need work is supporting hot-swapping a local gcrypt remote. I think it needs to store the gcrypt-id in the git config of the local remote, so that it can check it every time, and compare with the cached annex-uuid for the remote. If there is a mismatch, it can change both the cached annex-uuid and the gcrypt-id. That should work, and I laid some groundwork for it by already reading the remote's config when it's local. (Also needed for other reasons.) This commit was sponsored by Daniel Callahan. --- Git/GCrypt.hs | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) (limited to 'Git') diff --git a/Git/GCrypt.hs b/Git/GCrypt.hs index e22bd74a2..18d8fa771 100644 --- a/Git/GCrypt.hs +++ b/Git/GCrypt.hs @@ -44,23 +44,25 @@ encryptedRepo baserepo = go go _ = notencrypted notencrypted = error "not a gcrypt encrypted repository" +type RemoteName = String + {- gcrypt gives each encrypted repository a uique gcrypt-id, - which is stored in the repository (in encrypted form) - and cached in a per-remote gcrypt-id configuration setting. -} -remoteRepoId :: Repo -> Repo -> Maybe String +remoteRepoId :: Repo -> Maybe RemoteName -> Maybe String remoteRepoId = getRemoteConfig "gcrypt-id" -getRemoteConfig :: String -> Repo -> Repo -> Maybe String -getRemoteConfig field baserepo remote = do - name <- remoteName remote - Config.getMaybe (remoteConfigKey field name) baserepo +getRemoteConfig :: String -> Repo -> Maybe RemoteName -> Maybe String +getRemoteConfig field repo remotename = do + n <- remotename + Config.getMaybe (remoteConfigKey field n) repo {- Gpg keys that the remote is encrypted for. - If empty, gcrypt uses --default-recipient-self -} -particiantList :: Maybe Repo -> Repo -> Repo -> KeyIds -particiantList globalconfigrepo baserepo remote = KeyIds $ parse $ firstJust - [ getRemoteConfig "participants" baserepo remote - , Config.getMaybe defaultkey baserepo +getParticiantList :: Maybe Repo -> Repo -> Maybe RemoteName -> KeyIds +getParticiantList globalconfigrepo repo remotename = KeyIds $ parse $ firstJust + [ getRemoteConfig "gcrypt-participants" repo remotename + , Config.getMaybe defaultkey repo , Config.getMaybe defaultkey =<< globalconfigrepo ] where @@ -69,5 +71,8 @@ particiantList globalconfigrepo baserepo remote = KeyIds $ parse $ firstJust parse (Just l) = words l parse Nothing = [] -remoteConfigKey :: String -> String -> String -remoteConfigKey key field = "remote." ++ field ++ "." ++ key +remoteParticipantConfigKey :: RemoteName -> String +remoteParticipantConfigKey = remoteConfigKey "gcrypt-participants" + +remoteConfigKey :: String -> RemoteName -> String +remoteConfigKey key remotename = "remote." ++ remotename ++ "." ++ key -- cgit v1.2.3