another fix to key handling

ultimately removing the case in which we guess whether the key is near
the tomb: that is no longer in the documentation, and we stop encouraging
users to keep the key near the tomb.
Jaromil 2014-02-21 22:40:06 +01:00
parent 7fb404d97c
commit 12f49bf2ff

38
tomb

@ -540,22 +540,17 @@ check_bin() {
# On success returns 0 and prints out the full path to the key # On success returns 0 and prints out the full path to the key
load_key() { load_key() {
# take the name of a tomb file as argument # take the name of a tomb file as argument
# this is used for guessing if the key is nearby
{ test "$1" = "" } || {
tombdir=`dirname $1`
tombfile=`basename $1`
tombname=${tombfile%%\.*}
}
if option_is_set -k ; then if option_is_set -k ; then
if [[ "`option_value -k`" == "-" ]]; then if [[ "`option_value -k`" == "-" ]]; then
xxx "load_key reading from stdin" xxx "load_key reading from stdin"
# take key from stdin # take key from stdin
tombkeydir=`safe_dir load_key_stdin` # global used to check if key from stdin tombkeydir=`safe_dir load_key_stdin` # global used to check if key from stdin
xxx "tempdir is $tombkeydir" xxx "tempdir is $tombkeydir"
act "waiting for the key to be piped from stdin... "
cat > ${tombkeydir}/stdin.tmp.key cat > ${tombkeydir}/stdin.tmp.key
print ok >&2
tombdir=${tombkeydir} tombdir=${tombkeydir}
tombfile=stdin.tmp tombfile=stdin.tmp.key
tombname="stdin" tombname="stdin"
elif [[ "`option_value -k`" != "" ]]; then elif [[ "`option_value -k`" != "" ]]; then
xxx "load_key argument: `option_value -k`" xxx "load_key argument: `option_value -k`"
@ -564,24 +559,20 @@ load_key() {
tombdir=`dirname $tombkey` tombdir=`dirname $tombkey`
tombfile=`basename $tombkey` tombfile=`basename $tombkey`
fi fi
fi
tombkey=${tombdir}/${tombfile}.key else # no -k specified
die "this operation requires a key file to be specified using the -k option"
xxx "load_key: ${tombkey}"
if [ -r "${tombkey}" ]; then
if [ "$tombkeydir" = "" ]; then
_message "We'll use this key: ${tombkey}"
else
_message "We'll use the key piped from stdin"
fi
else
_warning "Key not found, specify one using -k"
drop_key
return 1 return 1
fi fi
tombkey=${tombdir}/${tombfile}
xxx "load_key: ${tombkey}"
{ test -r "${tombkey}" } || {
_warning "Key not found, specify one using -k"
drop_key
return 1 }
# this does a check on the file header # this does a check on the file header
if ! is_valid_key ${tombkey}; then if ! is_valid_key ${tombkey}; then
_warning "The key seems invalid, the application/pgp header is missing" _warning "The key seems invalid, the application/pgp header is missing"
@ -1452,6 +1443,7 @@ mount_tomb() {
if [ $? = 255 ]; then if [ $? = 255 ]; then
die "too many tomb opened. Please close any of them to open another tomb" die "too many tomb opened. Please close any of them to open another tomb"
fi fi
xxx "next free loop device: $nstloop"
losetup -f ${tombdir}/${tombfile} losetup -f ${tombdir}/${tombfile}
cryptsetup isLuks ${nstloop} cryptsetup isLuks ${nstloop}
@ -1481,6 +1473,8 @@ mount_tomb() {
mapdate=`date +%s` mapdate=`date +%s`
mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`" mapper="tomb.${tombname}.${mapdate}.`basename $nstloop`"
xxx "dev mapper device: $mapper"
xxx "tomb key: $tombkey"
keyname=`basename $tombkey | cut -d. -f1` keyname=`basename $tombkey | cut -d. -f1`
tombpass=`ask_key_password $tombkey` tombpass=`ask_key_password $tombkey`
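Review bot: In the new load_key, a `-k` option that is set but carries an empty value matches neither the `== "-"` nor the `!= ""` branch, and with the nearby-key guessing removed nothing assigns tombdir/tombfile on that path, so `tombkey=${tombdir}/${tombfile}` appears to be built from whatever those globals held earlier, or collapses to `/`. `test -r` also succeeds on a readable directory, which leaves is_valid_key as the only guard before the path is used as a key. I would close the inner conditional with `else die "this operation requires a key file to be specified using the -k option"` and tighten the readability check to `{ test -f "${tombkey}" && test -r "${tombkey}" } || {`. Two lines between the first and second hunk are not shown and load_key continues past the second hunk, so confirm that no existing branch already covers the empty value.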