mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-12-31 21:21:56 +00:00
Restore -o and make explicit it means 'options local to subcommand' (Closes #182)
This commit is contained in:
parent
f1c6245c80
commit
45c5b53cc4
39
tomb
39
tomb
@ -592,11 +592,12 @@ usage() {
|
||||
_print "\000"
|
||||
_print "Options:"
|
||||
_print "\000"
|
||||
_print " -c alternate encryption algorithm (forge and lock)"
|
||||
_print " -s size of the tomb file when creating/resizing one (in MB)"
|
||||
_print " -k path to the key to be used ('-k -' to read from stdin)"
|
||||
_print " -n don't process the hooks found in tomb"
|
||||
_print " -o mount options used to open (default: rw,noatime,nodev)"
|
||||
_print " -o options passed to local command, e.g.:"
|
||||
_print " - mount options used to open (default: rw,noatime,nodev)"
|
||||
_print " - an alternate cipher to forge and lock"
|
||||
_print " -f force operation (i.e. even if swap is active)"
|
||||
[[ $KDF == 1 ]] && {
|
||||
_print " --kdf generate passwords armored against dictionary attacks"
|
||||
@ -1379,12 +1380,11 @@ dig_tomb() {
|
||||
|
||||
# Step two -- Create a detached key to lock a tomb with
|
||||
#
|
||||
# Synopsis: forge_key [destkey|-k destkey] [-c algo|--cipher=algo]
|
||||
# Synopsis: forge_key [destkey|-k destkey] [-o cipher]
|
||||
#
|
||||
# Arguments:
|
||||
# -k path to destination keyfile
|
||||
# -o DEPRECATED use -c instead
|
||||
# -c | --cipher Use an alternate algorithm
|
||||
# -o Use an alternate algorithm
|
||||
#
|
||||
forge_key() {
|
||||
# can be specified both as simple argument or using -k
|
||||
@ -1410,11 +1410,8 @@ forge_key() {
|
||||
ls -lh $destkey
|
||||
_failure "Forging this key would overwrite an existing file. Operation aborted." }
|
||||
|
||||
# Update algorithm if it was passed on the command line with -c
|
||||
{ option_is_set -o } && {
|
||||
_warning "DEPRECATED: use -c or --cipher to specify an alternate encryption algorithm"
|
||||
algopt="$(option_value -o)" }
|
||||
{ option_is_set -c } && algopt="$(option_value -c)"
|
||||
# Update algorithm if it was passed on the command line with -o
|
||||
{ option_is_set -o } && algopt="$(option_value -o)"
|
||||
[[ -n "$algopt" ]] && algo=$algopt
|
||||
|
||||
_message "Commanded to forge key ::1 key:: with cipher algorithm ::2 algorithm::" \
|
||||
@ -1476,14 +1473,14 @@ forge_key() {
|
||||
|
||||
# Step three -- Lock tomb
|
||||
#
|
||||
# Synopsis: tomb_lock file.tomb file.tomb.key [-c cipher]
|
||||
# Synopsis: tomb_lock file.tomb file.tomb.key [-o cipher]
|
||||
#
|
||||
# Lock the given tomb with the given key file, in fact formatting the
|
||||
# loopback volume as a LUKS device.
|
||||
# Default cipher 'aes-xts-plain64:sha256'can be overridden with -c
|
||||
# Default cipher 'aes-xts-plain64:sha256'can be overridden with -o
|
||||
lock_tomb_with_key() {
|
||||
# old default was aes-cbc-essiv:sha256
|
||||
# Override with -c or --cipher
|
||||
# Override with -o
|
||||
# for more alternatives refer to cryptsetup(8)
|
||||
local cipher="aes-xts-plain64:sha256"
|
||||
|
||||
@ -1522,10 +1519,7 @@ lock_tomb_with_key() {
|
||||
_load_key # Try loading key from option -k and set TOMBKEYFILE
|
||||
|
||||
# the encryption cipher for a tomb can be set when locking using -c
|
||||
{ option_is_set -o } && {
|
||||
_warning "DEPRECATED: use -c or --cipher to specify an alternate encryption algorithm"
|
||||
algopt="$(option_value -o)" }
|
||||
{ option_is_set -c } && algopt="$(option_value -c)"
|
||||
{ option_is_set -o } && algopt="$(option_value -o)"
|
||||
[[ -n "$algopt" ]] && cipher=$algopt
|
||||
_message "Locking using cipher: ::1 cipher::" $cipher
|
||||
|
||||
@ -2429,7 +2423,9 @@ main() {
|
||||
# Hi, dear developer! Are you trying to add a new subcommand, or
|
||||
# to add some options? Well, keep in mind that option names are
|
||||
# global: they cannot bear a different meaning or behaviour across
|
||||
# subcommands.
|
||||
# subcommands. The only exception is "-o" which means: "options
|
||||
# passed to the local subcommand", and thus can bear a different
|
||||
# meaning for different subcommands.
|
||||
#
|
||||
# For example, "-s" means "size" and accepts one argument. If you
|
||||
# are tempted to add an alternate option "-s" (e.g., to mean
|
||||
@ -2446,15 +2442,16 @@ main() {
|
||||
#
|
||||
main_opts=(q -quiet=q D -debug=D h -help=h v -version=v f -force=f -tmp: U: G: T: -no-color -unsafe)
|
||||
subcommands_opts[__default]=""
|
||||
# -o in open and mount is used to pass alternate mount options
|
||||
subcommands_opts[open]="n -nohook=n k: -kdf: o: -ignore-swap -tomb-pwd: "
|
||||
subcommands_opts[mount]=${subcommands_opts[open]}
|
||||
|
||||
subcommands_opts[create]="" # deprecated, will issue warning
|
||||
|
||||
# TODO: remove deprecated option -o in next major release (-c replaces it)
|
||||
subcommands_opts[forge]="-ignore-swap k: -kdf: o: c: -cipher=c -tomb-pwd: -use-urandom "
|
||||
# -o in forge and lock is used to pass an alternate cipher.
|
||||
subcommands_opts[forge]="-ignore-swap k: -kdf: o: -tomb-pwd: -use-urandom "
|
||||
subcommands_opts[dig]="-ignore-swap s: -size=s "
|
||||
subcommands_opts[lock]="-ignore-swap k: -kdf: o: c: -cipher=c -tomb-pwd: "
|
||||
subcommands_opts[lock]="-ignore-swap k: -kdf: o: -tomb-pwd: "
|
||||
subcommands_opts[setkey]="k: -ignore-swap -kdf: -tomb-old-pwd: -tomb-pwd: "
|
||||
subcommands_opts[engrave]="k: "
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user