Commit Graph

317 Commits

Author SHA1 Message Date
James Reed
477ab20443
Overhaul message printing 2018-11-24 15:48:25 -07:00
James Reed
1ba3c55241
Check for KDF header in is_valid_key 2018-11-03 15:15:48 -06:00
Alexandre Pujol
2f3826d88d
Fix modification time restoration. 2018-09-24 12:58:51 +01:00
Alexandre Pujol
aaa4637ed0
Track access/modification time of sensitive files
Collects the stats of tomb keys and tomb files then restore them when
Tomb exits. Can be extended to any file opened by Tomb. See #266
2018-09-23 22:21:05 +01:00
bjonnh
18b7541a98
subkey_id for display must be out of _fingerprint
I did a typo, the ($gpg_id) should have been out of the _fingerprint call.
2018-08-18 17:41:37 -05:00
bjonnh
b49a36a07b
Add support for multiple keys especially subkeys
Correcting issue #316
2018-08-17 14:03:33 -05:00
Jaromil
68a9589925 set ownership after dig and forge 2018-02-11 21:41:58 +01:00
Jaromil
f5ceddc0b7 put assuan commands to pinentry into a single function 2018-01-29 09:47:42 +01:00
SargoDevel
66ade86441 Added pinentry-qt5 support 2018-01-28 21:49:21 +01:00
Narrat
08ca0a8eef list_gnupg_ciphers: Remove check on gpg
This function is called after _ensure_dependencies(), which would bail out if gpg is not found
2018-01-07 21:56:19 +01:00
Narrat
5e3b0dec84 list_gnupg_ciphers: be language agnostic
The old awk implementation always worked on lines beginning with 'Ciphers:' until it found 'Hash:'.
This fails for locales where a respective gnupg2.mo entry exists (Example: Ciphers in german is translated as Verschlü.:).
This is replaced by pointing awk on a specific line, which is for gpg1 and gpg2 the same. Work is done until awk stumbles up on a line which marks a new section (marked by keyword and :)

This closes #299
2018-01-07 21:40:32 +01:00
Narrat
e15c58dfd7 list_gnupg_ciphers: Pipe everything into /dev/null
Firstly the printed binary path is in the wrong place. Reading the text, one assumes Ciphers coming next.
Secondly it doesn't make sense to check there for a missing gnupg installation. Before calling list_gnupg_ciphers(), there is a direct call for gpg --version. If that fails the whole text is scrambled and no error reported

Dropping the output from which allows to remove the space from printing the ciphers. The text is correctly aligned now
2018-01-07 21:03:21 +01:00
Narrat
61fdab85be Show only version of pinentry
pinentry --version invocation includes License information.
As the same applies for gpg, and the information is not displayed there, we should the same with pinentry.
And tomb doesn't deal with the gpg sourcecode in any way.

This closes #300
2018-01-07 20:03:04 +01:00
Jaromil
74689ea484 tagging the release 2018-01-03 20:34:18 +01:00
Jaromil
7951645db5 switch code indentation to hard tabs
also update code guidelines.
2018-01-03 20:27:14 +01:00
Jaromil
ae78659efb
Merge pull request #297 from dyne/restore-chown
restored change of ownership on tomb's contents
2018-01-03 19:42:52 +01:00
Jaromil
ab3044c6f5 restored change of ownership on tomb's contents
this reverts commit 843b7fdfc4
and refers to various issues, among them #268

on the long term its easy to realise how this is a usability feature for most
users, so we just provide a new '-p' flag to preserve ownership on open.
2018-01-03 18:34:50 +01:00
Alexandre Pujol
b20daeea6f
Fix: use is-at-least function to check program version 2018-01-03 14:46:23 +00:00
Jaromil
bc963cd1ae fix for correct execution of exec-hooks
this was broken in the latest release and fixes #271
2018-01-03 14:37:15 +01:00
Jaromil
3b1759b2b3 fix for hidden files without an extension as tombs
fix #147 introducing an extra check on TOMBNAME that, if returned
empty by the first transormation that removes the last .extension,
then is filled with the full TOMBFILE name without any transformation
2018-01-03 13:43:05 +01:00
Jaromil
60b72ad91f documentation and version updates
findmnt version shown
2018-01-03 10:44:27 +01:00
Jaromil
cf93551efa
Merge pull request #296 from dyne/use-findmnt
Replace 'mount -l' with 'findmnt'
2018-01-03 10:38:48 +01:00
Jaromil
9b1d1891cc
Merge pull request #290 from parazyd/use-shred-instead-wipe-patch
use shred instead of wipe
2018-01-03 10:03:50 +01:00
Jaromil
b72d67618b restore square parens detection in list_tomb_mounts() 2018-01-02 15:35:32 +01:00
Jaromil
3f107f9d31 small fix for usage of findmnt --raw flag 2018-01-02 14:04:53 +01:00
Jaromil
3593721967 drop zsh/regex module in favor of =~
As debated in issue #282 Zsh introduced a bug in v5.3.1 which briefly affected
our mechanism for closing tombs. The bug is fixed, but while investigating the
issue @aude realised there can be a better way to apply this regex for the
detection of mounted volumes on distro dependent /run/media/$USER paths.

This change drops usage of the regex optional module in Zsh to use the built-in
=~ comparison and improves the match using round parenthesis. It may fix the
close command on some distributions.
2018-01-02 14:04:53 +01:00
Victor Calvert
09ff889c1d Replace mount with findmnt
this fixes a mount-related functionality (finding the volume label) in new
versions of util-linux, that since v2.30 does not list anymore volume labels
with its mount -l command. Since findmnt needs sudo to list labels, this also
introduces the need for sudo in more commands: is_valid_tomb(), list, index and
search. The issue was examined in PR #283 and this is a rebase of it.
2018-01-02 13:39:35 +01:00
Jaromil
a7190eb2e2 drop zsh/regex module in favor of =~
As debated in issue #282 Zsh introduced a bug in v5.3.1 which briefly affected
our mechanism for closing tombs. The bug is fixed, but while investigating the
issue @aude realised there can be a better way to apply this regex for the
detection of mounted volumes on distro dependent /run/media/$USER paths.

This change drops usage of the regex optional module in Zsh to use the built-in
=~ comparison and improves the match using round parenthesis. It may fix the
close command on some distributions.
2018-01-02 12:35:11 +01:00
Jaromil
c537676e92 wrap the cats 2017-12-12 11:29:53 +01:00
Jaromil
f6457090af documentation of the new 'ps' command 2017-12-11 17:55:02 +01:00
Jaromil
121a64bc80 improvements to the new ps and slam implementations 2017-12-11 17:55:02 +01:00
Jaromil
8e33be0472 new slam and list_processes 2017-12-11 17:55:02 +01:00
Jaromil
85ac179cc8 cleanup of umount_tomb and removed slam from inside 2017-12-11 17:55:02 +01:00
Jaromil
21347f3657 square parens detection in list_mounted_tombs 2017-12-11 17:53:38 +01:00
Jaromil
6182a56fb6 fix bug in message rendering: stop overriding $i if existing
this small bug caused rewriting the $i variable (often used as
iterator in loops) whenever a log message was produced. Fix also
includes an acceleration of log printing by substituting seq with
native zsh notation.
2017-12-11 17:53:17 +01:00
parazyd
c8be1c22dd
use shred instead of wipe 2017-12-07 11:36:59 +01:00
Florian Brandes
8d2cb2d852
Double check after umounting bind directories
Checking if a tomb is still present in the
output of mount after umounting binded directories.
Addresses issue #265
2017-07-23 10:28:06 +02:00
Amin Mesbah
04ec0189a6 Fix 3 grammatical errors. 2017-06-24 12:24:50 -07:00
Jaromil
127a8ed7ee exit code check on close
also removed pre-open and post-close as they don't really make sense
since all hooks are contained inside the Tomb. The post-close may be
implemented using a temp file, if a use case turns up for it.
2017-06-06 16:30:48 +02:00
Jaromil
056d0174f4 refactoring of exec-hooks
Renamed file from "post-hooks" to more appropriate "exec-hooks".
Implemented and documented a more consistent call system made of 4
different stages: pre-open, post-open, pre-close, post-close.
Addresses issue #265
2017-06-06 12:45:29 +02:00
Narrat
c658d33187 --version includes lsof as optional dep 2017-05-10 21:50:48 +02:00
Jaromil
18067a1c2e version bump 2017-04-16 17:18:16 +02:00
Jaromil
66aa7fdac7 minor corrections to new gpg related message formatting 2017-04-16 12:07:41 +02:00
Jaromil
3e0dd1e111 add debug message of loop device in umount_tomb 2017-04-16 12:00:47 +02:00
Alexandre Pujol
1050d43c59
Support for gpg encrypted tomb key loaded from stdin. See #255 2017-04-05 14:52:47 +01:00
Alexandre Pujol
c303513be4
Fix issues with GPG default key.
- Remove --no-options gpg option when using GPG key.
- Improve gpg default key tests

To use the default key, ~/.gnupg/gpg.conf needs:
  default-key <keyid>
  default-recipient-self
Or
  default-recipient <keyid>

Otherwise the first key in the keyring is used.
2017-04-03 13:24:25 +01:00
Alexandre Pujol
d720e4b2ce
Remove --shared flag when sharing a tomb key. See #252 2017-03-24 20:08:33 +00:00
Alexandre Pujol
bb77de0815
Fix compatibility with GnuPG 2.2.19
GnuPG 2.2.19 added a warning when no command was given. Some invocations
do not specify a command, added --decrypt in this these cases.
2017-03-20 19:14:47 +00:00
Alexandre Pujol
29a177aa05
Fix issue #251 2017-03-20 19:07:04 +00:00
Alexandre Pujol
c793e0b132
Add support for non hidden and hidden recipient
Use -r to provide non-hidden recipient,
Use -R to provide hidden recipient.
2017-03-03 21:19:04 +00:00