Added new encryption=sharedpubkey mode for special remotes.

This is useful for makking a special remote that anyone with a clone of the
repo and your public keys can upload files to, but only you can decrypt the
files stored in it.
This commit is contained in:
Joey Hess 2016-05-10 16:50:31 -04:00
parent 2d00523609
commit e219289c83
Failed to extract signature
7 changed files with 114 additions and 63 deletions

View file

@ -297,9 +297,9 @@ shellOrRsync r ashell arsync
setGcryptEncryption :: RemoteConfig -> String -> Annex ()
setGcryptEncryption c remotename = do
let participants = remoteconfig Git.GCrypt.remoteParticipantConfigKey
case extractCipher c of
case cipherKeyIds =<< extractCipher c of
Nothing -> noCrypto
Just (EncryptedCipher _ _ (KeyIds { keyIds = ks})) -> do
Just (KeyIds { keyIds = ks}) -> do
setConfig participants (unwords ks)
let signingkey = ConfigKey $ Git.GCrypt.remoteSigningKey remotename
cmd <- gpgCmd <$> Annex.getGitConfig
@ -307,8 +307,6 @@ setGcryptEncryption c remotename = do
case filter (`elem` ks) skeys of
[] -> noop
(k:_) -> setConfig signingkey k
Just (SharedCipher _) ->
unsetConfig participants
setConfig (remoteconfig Git.GCrypt.remotePublishParticipantConfigKey)
(Git.Config.boolConfig True)
where