Commit graph

20 commits

Author SHA1 Message Date
guilhem
00fc21bfec Generate ciphers with a better entropy.
Unless highRandomQuality=false (or --fast) is set, use Libgcypt's
'GCRY_VERY_STRONG_RANDOM' level by default for cipher generation, like
it's done for OpenPGP key generation.

On the assistant side, the random quality is left to the old (lower)
level, in order not to scare the user with an enless page load due to
the blocking PRNG waiting for IO actions.
2013-04-06 16:09:51 -04:00
Joey Hess
5895b2ac75 check that gpg generated as much data as we asked for 2013-03-03 20:39:01 -04:00
Joey Hess
13cfe5c582 improve comments and variable names WRT base64 encoded encryption keys 2013-03-03 19:44:48 -04:00
Joey Hess
88df952243 Deal with incompatability in gpg2, which caused prompts for encryption passphrases rather than using the supplied --passphrase-fd. 2013-01-16 15:27:46 -04:00
Joey Hess
0d50a6105b whitespace fixes 2012-12-13 00:45:27 -04:00
Joey Hess
f87a781aa6 finished where indentation changes 2012-12-13 00:24:19 -04:00
Joey Hess
81379bb29c better streaming while encrypting/decrypting
Both the directory and webdav special remotes used to have to buffer
the whole file contents before it could be decrypted, as they read
from chunks. Now the chunks are streamed through gpg with no buffering.
2012-11-18 15:27:44 -04:00
Joey Hess
5513e71723 avoid partial !! in gpg list-keys parser 2012-10-16 01:43:54 -04:00
Joey Hess
c6f3c410d4 fix gpg pipeline stall
Bug introduced in d1da9cf221, where
I removed a forkProcess when feeding gpg. Feeding it from a thread
solves the bug.
2012-09-09 13:11:54 -04:00
Joey Hess
dcd208513d Merge branch 'master' into assistant
Conflicts:
	debian/changelog
2012-08-17 08:22:43 -07:00
Joey Hess
fe8fee235b Pass --use-agent to gpg when in no tty mode. Thanks, Eskild Hustvedt. 2012-08-17 08:22:11 -07:00
Joey Hess
1db7d27a45 add back debug logging
Make Utility.Process wrap the parts of System.Process that I use,
and add debug logging to them.

Also wrote some higher-level code that allows running an action
with handles to a processes stdin or stdout (or both), and checking
its exit status, all in a single function call.

As a bonus, the debug logging now indicates whether the process
is being run to read from it, feed it data, chat with it (writing and
reading), or just call it for its side effect.
2012-07-19 00:46:52 -04:00
Joey Hess
d1da9cf221 switch from System.Cmd.Utils to System.Process
Test suite now passes with -threaded!

I traced back all the hangs with -threaded to System.Cmd.Utils. It seems
it's just crappy/unsafe/outdated, and should not be used. System.Process
seems to be the cool new thing, so converted all the code to use it
instead.

In the process, --debug stopped printing commands it runs. I may try to
bring that back later.

Note that even SafeSystem was switched to use System.Process. Since that
was a modified version of code from System.Cmd.Utils, it needed to be
converted too. I also got rid of nearly all calls to forkProcess,
and all calls to executeFile, which I'm also doubtful about working
well with -threaded.
2012-07-18 18:00:24 -04:00
Joey Hess
75b6ee81f9 avoid ByteString.Char8 where not needed
Its truncation behavior is a red flag, so avoid using it in these places
where only raw ByteStrings are used, without looking at the data inside.
2012-06-20 13:13:40 -04:00
Joey Hess
1c16f616df Added shared cipher mode to encryptable special remotes.
This option avoids gpg key distribution, at the expense of flexability, and
with the requirement that all clones of the git repository be equally
trusted.
2012-04-29 14:02:43 -04:00
Joey Hess
9ffd97442b don't use GPG_AGENT_INFO to force batch mode in test suite
Fails with gpg 2. Instead, use a different environment variable.

The clean fix would instead be to add an annex.gpg-options configuration.
But, that would be rather a lot of work and it's unlikely it would be
useful for much else.
2012-01-09 18:19:29 -04:00
Joey Hess
60c1aeeb6f Fix overbroad gpg --no-tty fix from last release.
Only set --no-tty when GPG_AGENT_INFO is set and batch mode is used.

In the test suite, set GPG_AGENT_INFO to /dev/null to avoid the test suite
relying on /dev/tty.
2012-01-07 12:38:08 -04:00
Joey Hess
769edd6b08 Run gpg with --no-tty. Closes: #654721 2012-01-05 13:44:09 -04:00
Joey Hess
82a145df91 test encrypted special remote
This involved adding a test harness to run gpg with a dummy key, and lots
of fun.
2011-12-20 23:24:06 -04:00
Joey Hess
c11cfea355 split out Utility.Gpg with the generic gpg interface, from Crypto 2011-12-20 23:24:06 -04:00