Restore -o and make explicit it means 'options local to subcommand' (Closes #182)

This commit is contained in:
hellekin 2014-12-26 23:42:39 -03:00
parent f1c6245c80
commit 45c5b53cc4

39
tomb
View File

@ -592,11 +592,12 @@ usage() {
_print "\000"
_print "Options:"
_print "\000"
_print " -c alternate encryption algorithm (forge and lock)"
_print " -s size of the tomb file when creating/resizing one (in MB)"
_print " -k path to the key to be used ('-k -' to read from stdin)"
_print " -n don't process the hooks found in tomb"
_print " -o mount options used to open (default: rw,noatime,nodev)"
_print " -o options passed to local command, e.g.:"
_print " - mount options used to open (default: rw,noatime,nodev)"
_print " - an alternate cipher to forge and lock"
_print " -f force operation (i.e. even if swap is active)"
[[ $KDF == 1 ]] && {
_print " --kdf generate passwords armored against dictionary attacks"
@ -1379,12 +1380,11 @@ dig_tomb() {
# Step two -- Create a detached key to lock a tomb with
#
# Synopsis: forge_key [destkey|-k destkey] [-c algo|--cipher=algo]
# Synopsis: forge_key [destkey|-k destkey] [-o cipher]
#
# Arguments:
# -k path to destination keyfile
# -o DEPRECATED use -c instead
# -c | --cipher Use an alternate algorithm
# -o Use an alternate algorithm
#
forge_key() {
# can be specified both as simple argument or using -k
@ -1410,11 +1410,8 @@ forge_key() {
ls -lh $destkey
_failure "Forging this key would overwrite an existing file. Operation aborted." }
# Update algorithm if it was passed on the command line with -c
{ option_is_set -o } && {
_warning "DEPRECATED: use -c or --cipher to specify an alternate encryption algorithm"
algopt="$(option_value -o)" }
{ option_is_set -c } && algopt="$(option_value -c)"
# Update algorithm if it was passed on the command line with -o
{ option_is_set -o } && algopt="$(option_value -o)"
[[ -n "$algopt" ]] && algo=$algopt
_message "Commanded to forge key ::1 key:: with cipher algorithm ::2 algorithm::" \
@ -1476,14 +1473,14 @@ forge_key() {
# Step three -- Lock tomb
#
# Synopsis: tomb_lock file.tomb file.tomb.key [-c cipher]
# Synopsis: tomb_lock file.tomb file.tomb.key [-o cipher]
#
# Lock the given tomb with the given key file, in fact formatting the
# loopback volume as a LUKS device.
# Default cipher 'aes-xts-plain64:sha256'can be overridden with -c
# Default cipher 'aes-xts-plain64:sha256'can be overridden with -o
lock_tomb_with_key() {
# old default was aes-cbc-essiv:sha256
# Override with -c or --cipher
# Override with -o
# for more alternatives refer to cryptsetup(8)
local cipher="aes-xts-plain64:sha256"
@ -1522,10 +1519,7 @@ lock_tomb_with_key() {
_load_key # Try loading key from option -k and set TOMBKEYFILE
# the encryption cipher for a tomb can be set when locking using -c
{ option_is_set -o } && {
_warning "DEPRECATED: use -c or --cipher to specify an alternate encryption algorithm"
algopt="$(option_value -o)" }
{ option_is_set -c } && algopt="$(option_value -c)"
{ option_is_set -o } && algopt="$(option_value -o)"
[[ -n "$algopt" ]] && cipher=$algopt
_message "Locking using cipher: ::1 cipher::" $cipher
@ -2429,7 +2423,9 @@ main() {
# Hi, dear developer! Are you trying to add a new subcommand, or
# to add some options? Well, keep in mind that option names are
# global: they cannot bear a different meaning or behaviour across
# subcommands.
# subcommands. The only exception is "-o" which means: "options
# passed to the local subcommand", and thus can bear a different
# meaning for different subcommands.
#
# For example, "-s" means "size" and accepts one argument. If you
# are tempted to add an alternate option "-s" (e.g., to mean
@ -2446,15 +2442,16 @@ main() {
#
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe)
subcommands_opts[__default]=""
# -o in open and mount is used to pass alternate mount options
subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: "
subcommands_opts[mount]=${subcommands_opts[open]}
subcommands_opts[create]="" # deprecated, will issue warning
# TODO: remove deprecated option -o in next major release (-c replaces it)
subcommands_opts[forge]="-ignore-swap k: -kdf: o: c: -cipher=c -tomb-pwd: -use-urandom "
# -o in forge and lock is used to pass an alternate cipher.
subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom "
subcommands_opts[dig]="-ignore-swap s: -size=s "
subcommands_opts[lock]="-ignore-swap k: -kdf: o: c: -cipher=c -tomb-pwd: "
subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: "
subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: "
subcommands_opts[engrave]="k: "