Commit Graph

339 Commits

Author SHA1 Message Date
Jaromil
382070481f use getent with wrappers every /etc/passwd query 2019-08-22 17:07:12 +02:00
Jaromil
1574723502 rewrite some conditionals for less ambiguity
this restyles some code introduced by the sphinx feature and tries to fix parse
errors reported in issue #357
2019-08-22 14:37:47 +02:00
Jaromil
71a7241f9c remove unneeded umount on forge_key failure 2019-08-22 11:49:43 +02:00
Jaromil
94d8ad497f Fix inconsistent cleanup on forge_key failure
Address concern raised in #360
2019-08-22 11:47:58 +02:00
Jaromil
0b9080e0ca make gettext optional in _sudo()
address #355
2019-07-05 08:10:00 +02:00
Alexandre Pujol
6b4bd69dbc
Ensure GPG key is trusted. See #340 2019-06-27 19:58:58 +01:00
Jaromil
06039a9e47 fix warnings on first tomb open
fix issue #324
2019-06-26 08:56:05 +02:00
Jaromil
e45c005c88 documentation updates for release
known bugs, changelog and manual for sphinx
2019-05-30 18:48:30 +02:00
Jaromil
ace80c87db switch default random source to /dev/urandom
there is no need to default to a blocking source of random,
since /dev/random doesn't improves the quality of randomness in Linux
2019-05-22 09:55:02 +02:00
Jaromil
2b8eec6ba5 improve tomb umount checks avoiding grep call
consolidate use of `list_tomb_mounts` also inside umount_tomb
this should fix #315
2019-05-22 01:03:00 +02:00
Jaromil
7b06be5d43 before opening check if mountpoint is already used by a tomb
a simple check introduced on `tomb open` to list all tombs mounted and
control if any mountpoint is already in use, in case refuse opening.

fix #326
2019-05-22 00:30:48 +02:00
Jaromil
95f2f68654 Revert temp file mechanism for sphinx
for some reason to be investigated further using tomb's temp
file mechanism breaks the test suite of sphinx support

This reverts commit a6d252c949.
2019-05-18 09:51:55 +02:00
Jaromil
91e607efb5 improve gpg key listing command 2019-05-18 09:50:57 +02:00
Jaromil
ec31d2d280 improved gpg recipient output warning
dropped the dependency from grep, head, cut, sed (only using awk)
added human readeable GPG ID besides fingerprint on recipient check
2019-05-05 11:29:25 +02:00
Jaromil
eec64f4f65
Merge pull request #348 from AlexisDanizan/master
Bug fix #328
2019-05-05 10:39:16 +02:00
Jaromil
a6d252c949 correct use of tomb's internal temp file mechanism for sphinx 2019-05-05 10:21:38 +02:00
Jaromil
5ce9960207
Merge pull request #344 from heat-wave/feature/pitchforked-sphinx-integration
Pitchforked sphinx integration
2019-05-05 09:58:39 +02:00
alexisdanizan
f1f23c417b Bug fix #328 2019-05-01 22:43:04 +02:00
heat-wave
b054a83ee5 Pitchforked sphinx integration for remote password storage 2019-04-30 16:05:03 +01:00
Steve Divskinsy
522ad3abad
Update suggested command with missing flag
`tomb lock` suggested command was missing "-k" flag
2019-04-18 20:54:30 +09:30
heat-wave
f2eb1fd242 Expanded steganographic functionality with cloakify integration 2019-02-21 09:28:21 +00:00
James Reed
46286047f6
Align usage message lines (fix #335)
Print newlines only when necessary

Correct coma to comma in usage message
2018-11-26 10:48:19 -07:00
James Reed
477ab20443
Overhaul message printing 2018-11-24 15:48:25 -07:00
James Reed
1ba3c55241
Check for KDF header in is_valid_key 2018-11-03 15:15:48 -06:00
Alexandre Pujol
2f3826d88d
Fix modification time restoration. 2018-09-24 12:58:51 +01:00
Alexandre Pujol
aaa4637ed0
Track access/modification time of sensitive files
Collects the stats of tomb keys and tomb files then restore them when
Tomb exits. Can be extended to any file opened by Tomb. See #266
2018-09-23 22:21:05 +01:00
bjonnh
18b7541a98
subkey_id for display must be out of _fingerprint
I did a typo, the ($gpg_id) should have been out of the _fingerprint call.
2018-08-18 17:41:37 -05:00
bjonnh
b49a36a07b
Add support for multiple keys especially subkeys
Correcting issue #316
2018-08-17 14:03:33 -05:00
Jaromil
68a9589925 set ownership after dig and forge 2018-02-11 21:41:58 +01:00
Jaromil
f5ceddc0b7 put assuan commands to pinentry into a single function 2018-01-29 09:47:42 +01:00
SargoDevel
66ade86441 Added pinentry-qt5 support 2018-01-28 21:49:21 +01:00
Narrat
08ca0a8eef list_gnupg_ciphers: Remove check on gpg
This function is called after _ensure_dependencies(), which would bail out if gpg is not found
2018-01-07 21:56:19 +01:00
Narrat
5e3b0dec84 list_gnupg_ciphers: be language agnostic
The old awk implementation always worked on lines beginning with 'Ciphers:' until it found 'Hash:'.
This fails for locales where a respective gnupg2.mo entry exists (Example: Ciphers in german is translated as Verschlü.:).
This is replaced by pointing awk on a specific line, which is for gpg1 and gpg2 the same. Work is done until awk stumbles up on a line which marks a new section (marked by keyword and :)

This closes #299
2018-01-07 21:40:32 +01:00
Narrat
e15c58dfd7 list_gnupg_ciphers: Pipe everything into /dev/null
Firstly the printed binary path is in the wrong place. Reading the text, one assumes Ciphers coming next.
Secondly it doesn't make sense to check there for a missing gnupg installation. Before calling list_gnupg_ciphers(), there is a direct call for gpg --version. If that fails the whole text is scrambled and no error reported

Dropping the output from which allows to remove the space from printing the ciphers. The text is correctly aligned now
2018-01-07 21:03:21 +01:00
Narrat
61fdab85be Show only version of pinentry
pinentry --version invocation includes License information.
As the same applies for gpg, and the information is not displayed there, we should the same with pinentry.
And tomb doesn't deal with the gpg sourcecode in any way.

This closes #300
2018-01-07 20:03:04 +01:00
Jaromil
74689ea484 tagging the release 2018-01-03 20:34:18 +01:00
Jaromil
7951645db5 switch code indentation to hard tabs
also update code guidelines.
2018-01-03 20:27:14 +01:00
Jaromil
ae78659efb
Merge pull request #297 from dyne/restore-chown
restored change of ownership on tomb's contents
2018-01-03 19:42:52 +01:00
Jaromil
ab3044c6f5 restored change of ownership on tomb's contents
this reverts commit 843b7fdfc4
and refers to various issues, among them #268

on the long term its easy to realise how this is a usability feature for most
users, so we just provide a new '-p' flag to preserve ownership on open.
2018-01-03 18:34:50 +01:00
Alexandre Pujol
b20daeea6f
Fix: use is-at-least function to check program version 2018-01-03 14:46:23 +00:00
Jaromil
bc963cd1ae fix for correct execution of exec-hooks
this was broken in the latest release and fixes #271
2018-01-03 14:37:15 +01:00
Jaromil
3b1759b2b3 fix for hidden files without an extension as tombs
fix #147 introducing an extra check on TOMBNAME that, if returned
empty by the first transormation that removes the last .extension,
then is filled with the full TOMBFILE name without any transformation
2018-01-03 13:43:05 +01:00
Jaromil
60b72ad91f documentation and version updates
findmnt version shown
2018-01-03 10:44:27 +01:00
Jaromil
cf93551efa
Merge pull request #296 from dyne/use-findmnt
Replace 'mount -l' with 'findmnt'
2018-01-03 10:38:48 +01:00
Jaromil
9b1d1891cc
Merge pull request #290 from parazyd/use-shred-instead-wipe-patch
use shred instead of wipe
2018-01-03 10:03:50 +01:00
Jaromil
b72d67618b restore square parens detection in list_tomb_mounts() 2018-01-02 15:35:32 +01:00
Jaromil
3f107f9d31 small fix for usage of findmnt --raw flag 2018-01-02 14:04:53 +01:00
Jaromil
3593721967 drop zsh/regex module in favor of =~
As debated in issue #282 Zsh introduced a bug in v5.3.1 which briefly affected
our mechanism for closing tombs. The bug is fixed, but while investigating the
issue @aude realised there can be a better way to apply this regex for the
detection of mounted volumes on distro dependent /run/media/$USER paths.

This change drops usage of the regex optional module in Zsh to use the built-in
=~ comparison and improves the match using round parenthesis. It may fix the
close command on some distributions.
2018-01-02 14:04:53 +01:00
Victor Calvert
09ff889c1d Replace mount with findmnt
this fixes a mount-related functionality (finding the volume label) in new
versions of util-linux, that since v2.30 does not list anymore volume labels
with its mount -l command. Since findmnt needs sudo to list labels, this also
introduces the need for sudo in more commands: is_valid_tomb(), list, index and
search. The issue was examined in PR #283 and this is a rebase of it.
2018-01-02 13:39:35 +01:00
Jaromil
a7190eb2e2 drop zsh/regex module in favor of =~
As debated in issue #282 Zsh introduced a bug in v5.3.1 which briefly affected
our mechanism for closing tombs. The bug is fixed, but while investigating the
issue @aude realised there can be a better way to apply this regex for the
detection of mounted volumes on distro dependent /run/media/$USER paths.

This change drops usage of the regex optional module in Zsh to use the built-in
=~ comparison and improves the match using round parenthesis. It may fix the
close command on some distributions.
2018-01-02 12:35:11 +01:00