Commit graph

21484 commits

Author SHA1 Message Date
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
7c8f63107d Added a comment 2014-09-23 21:15:29 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
a29dba3027 Added a comment 2014-09-23 20:58:10 +00:00
http://joeyh.name/
c31ea37104 Added a comment 2014-09-23 20:27:25 +00:00
Joey Hess
21672e7b17 close 2014-09-23 16:19:45 -04:00
https://www.google.com/accounts/o8/id?id=AItOawn3p4i4lk_zMilvjnJ9sS6g2nerpgz0Fjc
ccc9ff16b2 Added a comment: Why different versions? 2014-09-23 10:59:32 +00:00
https://me.yahoo.com/a/wbh0dY54mcPwTpeOweuPQ8JiZrH3hg--#9b726
880f4e663b Added a comment 2014-09-23 01:15:23 +00:00
https://me.yahoo.com/a/wbh0dY54mcPwTpeOweuPQ8JiZrH3hg--#9b726
d2666edbec 2014-09-22 21:50:37 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
6ffa03c357 removed 2014-09-22 20:22:49 +00:00
Joey Hess
fd5fa831fa fix urls 2014-09-22 14:12:10 -04:00
Joey Hess
7a3e4e6e41 Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-22 14:10:59 -04:00
Joey Hess
c5b8ffcb42 update 2014-09-22 14:10:50 -04:00
Joey Hess
4058eeb252 Depend on new enough git for --no-gpg-sign to work. Closes: #762446 2014-09-22 13:50:16 -04:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
b60d61e561 2014-09-21 13:12:13 +00:00
dirkz
b0c4300868 2014-09-20 14:55:36 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
70813b0e29 2014-09-19 21:45:42 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
cb46e5ea58 Added a comment 2014-09-19 21:31:23 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
184e9c5119 Added a comment: Understanding 2014-09-19 21:24:19 +00:00
https://www.google.com/accounts/o8/id?id=AItOawmK0703vNSIQsP1mGf-4MAPnsBZiSc6yVo
58805f73b5 Added a comment: Sync between two indirectly connected remotes need XMPP? 2014-09-19 19:37:36 +00:00
http://joeyh.name/
9ad3746abb Added a comment 2014-09-19 18:33:17 +00:00
https://www.google.com/accounts/o8/id?id=AItOawlog_5wIICaMcrKTexlFNA6IO6UTp323aE
8c7a1a6d43 Added a comment 2014-09-19 18:22:36 +00:00
Joey Hess
f5a36b275d add news item for git-annex 5.20140919 2014-09-19 13:10:33 -04:00
Joey Hess
264c65e8f8 prep release 2014-09-19 13:02:19 -04:00
Joey Hess
7a68a216af Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-19 12:14:51 -04:00
rasmus
ddb2c91e24 Added a comment 2014-09-19 06:29:58 +00:00
Joey Hess
7faf2436f3 CVE id assigned 2014-09-19 01:38:51 -04:00
annexuser
80232ac871 Added a comment 2014-09-19 04:43:42 +00:00
http://joeyh.name/
0f7caf5c74 Added a comment 2014-09-19 02:59:36 +00:00
http://joeyh.name/
41ec41a69f Added a comment: I know what it is now 2014-09-19 02:43:22 +00:00
Joey Hess
ea2da4644d Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-18 22:38:53 -04:00
Joey Hess
ffd8b90c55 fix indentation 2014-09-18 22:37:34 -04:00
rasmus
8b38cee935 Added a comment 2014-09-19 00:43:56 +00:00
Joey Hess
15c502588e error, don't warn about insecure creds
A one-time warning was not good enough. A hard error will force the user to
notice the problem.

Perhaps worth noting that git-annex enableremote already failed with an
error, and nobody reported a bug. Suggests that not many people have used
the insecure configuration, or if they did, they went to the bother to
embedcreds, but never re-enabled the special remote.
2014-09-18 19:03:15 -04:00
anarcat
23f60da002 git history is hard to kill, make sure it's clear 2014-09-18 22:27:46 +00:00
Joey Hess
9428a3b759 number 2014-09-18 18:25:33 -04:00
Joey Hess
417087d532 devblog 2014-09-18 18:24:20 -04:00
Joey Hess
0ed33c8b74 deal with old repositories with non-encrypted creds
See 2f3c3aa01f for backstory about how a repo
could be in this state.

When decryption fails, the repo must be using non-encrypted creds. Note
that creds are encrypted/decrypted using the encryption cipher which is
stored in the repo, so the decryption cannot fail due to missing gpg keys
etc. (For !shared encryptiom, the cipher is iteself encrypted using some
gpg key(s), and the decryption of the cipher happens earlier, so not
affected by this change.

Print a warning message for !shared repos, and continue on using the
cipher. Wrote a page explaining what users hit by this bug should do.

This commit was sponsored by Samuel Tardieu.
2014-09-18 17:58:03 -04:00
Joey Hess
2f3c3aa01f glacier, S3: Fix bug that caused embedded creds to not be encypted using the remote's key.
encryptionSetup must be called before setRemoteCredPair. Otherwise,
the RemoteConfig doesn't have the cipher in it, and so no cipher is used to
encrypt the embedded creds.

This is a security fix for non-shared encryption methods!

For encryption=shared, there's no security problem, just an
inconsistentency in whether the embedded creds are encrypted.

This is very important to get right, so used some types to help ensure that
setRemoteCredPair is only run after encryptionSetup. Note that the external
special remote bypasses the type safety, since creds can be set after the
initial remote config, if the external special remote program requests it.
Also note that IA remotes never use encryption, so encryptionSetup is not
run for them at all, and again the type safety is bypassed.

This leaves two open questions:

1. What to do about S3 and glacier remotes that were set up
   using encryption=pubkey/hybrid with embedcreds?
   Such a git repo has a security hole embedded in it, and this needs to be
   communicated to the user. Is the changelog enough?

2. enableremote won't work in such a repo, because git-annex will
   try to decrypt the embedded creds, which are not encrypted, so fails.
   This needs to be dealt with, especially for ecryption=shared repos,
   which are not really broken, just inconsistently configured.

   Noticing that problem for encryption=shared is what led to commit
   fbdeeeed5f, which tried to
   fix the problem by not decrypting the embedded creds.

This commit was sponsored by Josh Taylor.
2014-09-18 17:26:12 -04:00
Joey Hess
3becc6a433 Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-18 15:44:26 -04:00
Joey Hess
fe994e58e5 clarify that sync only commits changes to files already added to the repo 2014-09-18 15:43:20 -04:00
http://joeyh.name/
e26f28f5fc Added a comment 2014-09-18 19:41:39 +00:00
http://joeyh.name/
ac635f7ada Added a comment 2014-09-18 19:28:56 +00:00
Joey Hess
4b38a572ab Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-18 15:23:01 -04:00
Joey Hess
d84eab8a8a Revert "S3, Glacier, WebDAV: Fix bug that prevented accessing the creds when the repository was configured with encryption=shared embedcreds=yes."
This reverts commit fbdeeeed5f.

I can find no basis for that commit and think that I made it in error.
setRemoteCredPair always encrypts using the cipher from remoteCipher,
even when the cipher is shared.
2014-09-18 15:21:47 -04:00
xn
2ebcc69d63 Added a comment 2014-09-18 19:03:30 +00:00
Joey Hess
2d99b6b931 mention old-style chunking 2014-09-18 14:54:35 -04:00
http://joeyh.name/
74ad8ebb0c Added a comment 2014-09-18 18:52:17 +00:00
http://joeyh.name/
ce0f2dd114 Added a comment 2014-09-18 18:49:43 +00:00
http://joeyh.name/
019a0ec802 Added a comment 2014-09-18 18:27:37 +00:00
Joey Hess
282a1d2a5d Merge branch 'master' of ssh://git-annex.branchable.com 2014-09-18 14:26:45 -04:00
Joey Hess
44e7d6e1fe add: In direct mode, adding an annex symlink will check it into git, as was already done in indirect mode. 2014-09-18 14:24:47 -04:00