Jaromil
489b3582cb
Disable escapes when piping secrets
...
Switched to use echo with -E flag to disable escapes in keys: escape
strings were discarded cryptsetup tomb operations when they were present
in the decoded key random passphrase. Issue #154
The solution adopted here includes wrapping all cryptsetup operations to
unify the behaviour adopted.
Worth noting that this problem possibly breaks all tombs and keys
created using the unstable Tomb from git development in the past 2
months. Regression tests with previous stable releases are OK.
2014-11-20 09:59:11 +01:00
gdrooid
6ce45a6f84
[i18n] Update translation files.
2014-11-16 17:30:59 +01:00
Jaromil
a568cdf546
imported python tomber into extras
...
more documentation updates
2014-11-16 15:21:11 +01:00
Jaromil
bbb290c81a
documentation updates
2014-11-16 13:55:51 +01:00
Jaromil
a0db66b18e
added also explicit stdout redirection to command -v
2014-11-16 13:11:42 +01:00
Jaromil
9f39d671a0
reverted to use command -v instead of hash
...
according to analysis made with @gdrooid
2014-11-16 12:38:31 +01:00
Jaromil
da46cbcd31
using zsh hash function instead of command -v to check for bins in path, using plain 2>/dev/null redirection everywhere
2014-11-16 11:37:30 +01:00
Jaromil
982c7591f2
avoid gettext being a requirement and list optional tools found in version output
2014-11-16 11:34:35 +01:00
Jaromil
aa35441d69
this should fix lo_mount() as reported in #154
2014-11-16 11:09:43 +01:00
Jaromil
d4c4a82d73
more detailed help messages and exclude videos from index
2014-11-15 04:14:40 +01:00
Jaromil
249c3cec1d
work also without gettext. versioning
2014-11-15 03:14:03 +01:00
Jaromil
8c8ab3fc5c
removed some minor debugging tests
2014-11-15 02:41:10 +01:00
Jaromil
edbd950120
switched to zsh/regex and zsh/mapfile
...
many operations moved to builtin zsh internals, improving speed
also fixes to the username detection and to the losetup check
2014-11-15 02:38:53 +01:00
Jaromil
4ce8771e99
Correct wrapping of cli argument arrays
...
Fixes also piping to ssh for remote tomb commands
This fix was suggested by @brianmay on #139
2014-11-14 20:12:30 +01:00
Jaromil
82e0533892
message fix
2014-11-14 19:43:26 +01:00
Jaromil
a7d7fad6a8
last minor fix to use _plot() instead of is_valid_tomb() on tomb creation commands
2014-11-14 19:27:57 +01:00
Jaromil
949a8c19e7
correct rendering of dev mapper filename and use of is_valid_tomb
2014-11-14 19:13:48 +01:00
Jaromil
106c4ab32e
fixed resize
2014-11-14 18:51:33 +01:00
Jaromil
98ab49315a
fixes to _tmp_create and its usage
2014-11-14 18:42:11 +01:00
Jaromil
828579e10d
better parses for bind-hooks
...
rw global vars VERSION etc facilitate re-source in test environment
2014-11-14 17:42:49 +01:00
Jaromil
9097a69631
indentation and small fix for umount to avoid warnings and correct check
2014-11-14 14:25:49 +01:00
Jaromil
c73f00eb19
adjusting strings to facilitate translation
2014-11-04 16:45:57 +01:00
Jaromil
943a46ef60
removed create_tomb, left deprecation notice
2014-11-04 16:45:37 +01:00
Jaromil
181f0fc636
revert to swish-e again
2014-11-04 16:45:08 +01:00
hellekin
6c71f2c94b
[cleanup] Process subcommands
2014-11-04 15:33:12 +01:00
hellekin
8df1575a44
[cleanup] Replace 'test' with [[ expr ]]
2014-11-04 15:33:12 +01:00
hellekin
b857122d7d
[cleanup] _load_key
2014-11-04 15:32:46 +01:00
hellekin
27ec914870
[cleanup] Fix path to user's temporary files
2014-11-04 15:32:46 +01:00
hellekin
fb12b50d7d
[cleanup] ask_password
2014-11-04 15:32:45 +01:00
Jaromil
dac8e4acae
remove base2 notation for flags
...
fixes bug that prevented to evaluate correctly 1/0 values for optional extensions
2014-11-04 15:32:45 +01:00
hellekin
788c133f94
[cleanup] More test cleanups
2014-11-04 15:32:45 +01:00
hellekin
14ed549a55
[cleanup] Consolidate temporary file creation
2014-11-04 15:32:45 +01:00
hellekin
226fd2a0f8
[cleanup] Only add directory to mounted if it's actually mounted
2014-11-04 15:32:45 +01:00
hellekin
fda78fbf8a
[cleanup] Disallow empty TOMBNAME
2014-11-04 15:32:45 +01:00
hellekin
0754e9acd2
[cleanup] "Safety functions" section
...
- more documentation
- follow style guide
- rationalize check_swap
2014-11-04 15:32:45 +01:00
hellekin
3e91b7bb9b
[cleanup] Document options functions
2014-11-04 15:32:45 +01:00
hellekin
cd1ceac92e
[cleanup] Introduce _whoami ; clean ; pass all tests with or without sudo
2014-11-04 15:32:44 +01:00
hellekin
b053898300
[cleanup] Privatize {,_}endgame event
2014-11-04 15:32:44 +01:00
hellekin
8e38a1c31b
[cleanup] Uppercase loop devices
2014-11-04 15:32:44 +01:00
hellekin
03a3456c98
[cleanup] Uppercase temporary files
2014-11-04 15:32:44 +01:00
hellekin
43225c790e
[cleanup] Uppercase secrets
2014-11-04 15:32:44 +01:00
hellekin
fe01a62467
[cleanup] Uppercase TOMBKEY*
2014-11-04 15:32:44 +01:00
hellekin
b91573dde5
[cleanup] Introduce _plot
2014-11-04 15:32:44 +01:00
hellekin
19abe7cf85
[cleanup] Uppercase global command context
2014-11-04 15:32:44 +01:00
hellekin
0e9453ebd8
[cleanup] Remove unused global variable
2014-11-04 15:32:44 +01:00
hellekin
b340721307
[cleanup] Uppercase global OPTS
2014-11-04 15:32:43 +01:00
hellekin
9539d0cc4b
[cleanup] Formalize tests for flags
2014-11-04 15:32:43 +01:00
hellekin
da183aa689
[cleanup] Fix log of commands by using arrays consistently
2014-11-04 15:32:43 +01:00
hellekin
b721de0ec1
Starting cleanup
2014-11-04 15:32:43 +01:00
Jaromil
3d29d6a422
use swish-e and not the debian-specific wrapper, fix #136
2014-10-24 01:20:36 +02:00
hellekin
a9bc4c2489
Remove fatally broken failure :)
2014-10-20 12:52:21 -03:00
Jaromil
3416ad2d2c
avoid using Tomb's PID in temp files and double the random #150
2014-10-20 16:34:45 +02:00
Jaromil
f2ffa9c67f
correct tomb_key variable usage in logs
2014-10-10 11:17:02 +02:00
Jaromil
f8df67fcd0
fixes empty variables used in output messages
...
there were variable names left over after the code refactoring
they have now correct names or are filled, messages stay the same
fixes #138
2014-10-10 00:05:00 +02:00
hellekin
4610af02c9
Tidy up options documentation
2014-10-05 13:41:19 -03:00
Jaromil
c7009e5c1b
Merge pull request #132 from gdrooid/i18n
...
Internationalization of all human language in Tomb using gettext
2014-09-16 18:56:45 +02:00
gdrooid
0d76ccc2df
Usage message translations.
...
Adds a new `_print` function to print strings without coloring or
other stuff added by the `_msg` function. It's used for the usage
message, letting it be translated.
The usage messages have been split into one-line strings, and added
back to the tomb.pot and *.po files.
2014-09-13 16:55:03 +02:00
gdrooid
55f6a0a927
Remove manual coloring from strings.
2014-09-09 13:20:06 +02:00
gdrooid
b73dfd65d7
Makes it possible to add any number of ::vars:: to the strings.
2014-09-09 13:15:31 +02:00
Jaromil
7918161803
revert to using /dev/null to ignore output when needed
...
should fix #134
2014-09-06 20:24:24 +02:00
gdrooid
20a59fdf7b
Update new strings to the new format.
2014-09-01 10:09:33 +02:00
gdrooid
118ace28ef
Update Spanish translations and fix minor issues.
...
Issues:
`gettext -s - "$2"` prints the -, instead of getting the desired effect
The custom expansion missed repeated variables in a single string
Some string fixes
2014-09-01 09:37:45 +02:00
gdrooid
61e6529f6a
Update Spanish translations.
2014-09-01 09:37:11 +02:00
gdrooid
bfc12248bd
Adapt _failure strings for new format.
...
Also, changes the way you pass an exit value to the _failure function:
exitv=1 _failure "Message"
2014-09-01 09:37:11 +02:00
gdrooid
d1bac626ef
Adapt _verbose strings to new format.
2014-09-01 09:36:49 +02:00
gdrooid
08c94cc110
Adapt _message strings to new format.
2014-09-01 09:35:24 +02:00
gdrooid
2b0a02f3d7
Adapt _warning messages to new format.
2014-09-01 09:34:02 +02:00
gdrooid
7d6c72a2e8
Adapt _success messages to new format.
2014-09-01 09:32:22 +02:00
gdrooid
bb863b7e17
Modify _msg function for new string format.
2014-09-01 09:28:32 +02:00
Jaromil
76248f2d66
documentation updates
2014-08-30 19:38:56 +02:00
Jaromil
e8aaf03b52
Completed refactoring of secret handling, all unit tests working.
...
This refactoring avoids writing of keys on filesystem, exception made
for the 'setkey' command. Loopfiles and tempfiles are automatically
wiped at exit, variables are filled with random data before unset.
2014-08-30 19:38:56 +02:00
Jaromil
16b319c256
More cleanup and refactoring.
...
Now most functions are stable. tomb open -k image.jpg can use images
directly as keys, works on tests, but needs more debugging.
2014-08-26 00:54:41 +02:00
Jaromil
5d9caf01e0
Cleanup and normalization of functions handling secrets
...
also now using a dash - after print and gettext options to avoid
parsing printed strings as options.
2014-08-25 23:32:32 +02:00
Jaromil
1d815a1f7e
More refactoring of how keys, passwords and secrets are stored
...
includes a working loopback and tempfile cleanup in endgame()
and several changes in order to avoid saving anything on disk
WIP addressing #124 and #126
2014-08-25 21:07:47 +02:00
Jaromil
f794b78795
Merge pull request #123 from gdrooid/i18n
...
Install and use translations.
2014-08-19 18:48:49 +02:00
Jaromil
31ab169e2f
Merge pull request #122 from gdrooid/master
...
Substitute /dev/null redirection with closing stdin/err. Cleanup some obsolete functions.
2014-08-17 21:10:18 +02:00
Jaromil
7bd21e4419
remove newline from decrypted key's secret, fixes #125
2014-08-17 21:05:22 +02:00
gdrooid
22f3ab09e5
Close std(out|err) instead of redirecting to /dev/null.
2014-08-15 01:43:52 +02:00
gdrooid
6c4bc38e6a
Small fixes/Remove dead options
2014-08-15 01:43:52 +02:00
Jaromil
9d718d0ebb
signal traps for endgame cleanups
2014-08-14 09:58:15 +02:00
gdrooid
7d434787b6
Install and use translations.
2014-08-11 23:01:58 +02:00
Jaromil
f7b83de6ca
cleanup implicitly exhumed key and move get_lukskey() closer to caller funcs
2014-08-06 11:21:08 +02:00
Jaromil
5158c380fe
refactoring of the way password and keys are handled internally
...
this change uses a hidden global variable within tomb to store the
decrypted key material, avoiding using one tempfile in RAM, avoiding
running the decryption more than once (which means sanity for KDF
usage) and overall simplifying the code also avoiding duplicates.
2014-08-06 07:43:25 +02:00
Jaromil
534476a849
fixes to piping keys stdin/out in image steganography
...
Also started refactoring code around key handling and
added some documentation.
2014-08-05 17:05:49 +02:00
Jaromil
b7e89e5246
fix to exhume key (steg) to correctly print on stdout when -k -
...
addressing issue #118
2014-08-03 19:54:43 +02:00
Jaromil
b425f82f99
Merge pull request #114 from gdrooid/master
...
Indent everything with spaces
2014-07-21 20:06:07 +02:00
Jaromil
da349afeda
Security fix for use in multi-user environments
...
The tomb mount is now readable by the opening uid only (711 r-x--x--x);
directory access is preserved to allow sharing access to certain subdirs.
Review and fix contributed by Morten Langlo
2014-07-14 18:58:09 +02:00
gdrooid
79fdca5342
Align everything with spaces.
2014-07-13 17:35:28 +02:00
gdrooid
2282782bc2
Remove trailing spaces.
2014-07-13 16:51:13 +02:00
Jaromil
f6885729ac
documentation updates for release
2014-06-09 12:22:33 +02:00
Jaromil
9bc0bd762b
Merge pull request #112 from reiven/master
...
fixed 'non interactive' e2fsck on resize, proposal for #111
2014-06-08 20:37:07 +02:00
Jaromil
108a4c00fc
setkey now works also in dev-mode
...
includes some minor code refactoring mostly around setkey
2014-06-08 20:30:35 +02:00
Federico Reiven
d2982307a8
fixed 'non interactive' e2fsck on resize, proposal for #111
2014-06-08 15:05:25 -03:00
Jaromil
052a86de0c
fixes to key password handling
...
refactoring of the code using ask_key_password for better support
of dev-mode password supplied from CLI. This also fixes all uses of
passwd command to change a key's password.
2014-06-08 19:33:35 +02:00
Jaromil
ba9d7e03fc
make sure sbin is in PATH
...
this helps find cryptsetup
2014-06-01 22:19:49 +02:00
Jaromil
85fe8fdc01
Merge pull request #107 from gdrooid/master
...
Message formatting inconsistencies
2014-05-11 09:28:01 +02:00
gdrooid
47d13addb2
message formatting fix
2014-05-06 08:12:19 +02:00
reiven
ff1ee165c2
fixed incorrect help for dig command
2014-05-05 13:12:42 -03:00
gdrooid
ee3caecafd
message formatting fix
2014-04-30 17:31:28 +02:00
gdrooid
c49606f2dc
documentation fix
2014-04-28 14:56:21 +02:00
Jaromil
9009fba9f5
re-fix for .gnupg home dir
2014-04-25 23:16:47 +02:00
Jaromil
cf66907fa2
fixes a nasty bug on forge when run without /home/jrml/.gnupg
...
thanks to Giuliana Dieni for debugging
2014-04-04 14:52:40 +02:00
Jaromil
db42a8fd3f
documentation for a new minor release
2014-02-24 16:09:28 +01:00
Jaromil
12f49bf2ff
another fix to key handling
...
ultimately removing the case in which we guess if the key is near
the tomb: that is not anymore in documentation and we stop encouraging
to keep the key near the tomb.
2014-02-21 22:40:06 +01:00
Jaromil
7fb404d97c
documentation update for minor bugfix release
2014-02-20 11:12:21 +01:00
Jaromil
a7d330997e
fixed correct handling and deletion of keys when taken from stdin
2014-02-19 12:08:26 +01:00
Jaromil
10baee25a6
Resize now appends directly to tomb file
...
this avoids creating a delta file in ram, filling it eventually.
fixes #99
2014-01-13 00:17:24 +01:00
Jaromil
9991405124
sanitized the way key filenames are set
...
there was some inconsistency in the way load_keys was accepting
different parameters or guessing from the tomb filename.
fixes #98
2014-01-13 00:09:37 +01:00
Jaromil
325633d2fb
correct documentation on -s option
...
somewhere mentioned as --size, but the option is really just -s
fixes #100
2014-01-12 23:40:45 +01:00
Jaromil
f9805731f1
Merge pull request #101 from hellekin/swap
...
Better support for multiple swap partitions, avoids warning if swap is encrypted.
2014-01-12 14:35:17 -08:00
Jaromil
39bfce25f8
Change default cipher specification
...
new default is "aes-xts-plain64:sha256"
manpage now includes note on how to tune it
fixes #102
2014-01-12 23:32:23 +01:00
hellekin
42a51c53fc
Support encrypted swaps
2013-12-16 18:23:10 -03:00
hellekin
15517e0141
Support multiple swaps
2013-12-16 18:20:52 -03:00
hellekin
7f2fd4d60c
Support encrypted swap
2013-12-16 17:41:49 -03:00
hellekin
0e49dfc7a0
Detect non-partition swaps
2013-12-16 16:34:39 -03:00
Jaromil
8e9cc7d5c2
more post-hooks documentation and second argument passed with mountpoint
2013-09-19 15:37:21 +02:00
Jaromil
0ca70509cf
fix to engrave usage of qrencode
2013-09-18 02:19:14 +02:00
Jaromil
8f25001f57
fixed versioning and extras reorganization
2013-09-08 16:10:19 +02:00
Jaromil
fa75d0f7bc
check if loop mount is possible
...
if not abort gracefully with an explanation
(10x to Bucciarati and sdonk)
2013-09-05 12:45:40 +02:00
Jaromil
914ac9594e
last fixes and documentation for release
...
manual page updates and improvements to kdf argument handling
2013-06-20 12:46:20 +02:00
Jaromil
064b9c964c
Improved swish indexing
...
swish-e usage for indexing of file contents is stable
2013-06-20 10:30:54 +02:00
Jaromil
f3c18819d2
documentation and test improvements
...
also renamed 'backup' command into 'engrave'
2013-06-20 10:26:12 +02:00
Jaromil
551a7839f5
important fix for backward compatibility to 1.2
...
a grave bug has been affecting 1.3 and 1.3.1 releases, which makes keys
created with those versions incompatible with other Tomb versions.
This bug is now fixed and Tomb should be able again to open old tombs.
A script to sanitize keys will be released soon.
2013-06-20 00:45:23 +02:00
Jaromil
8d46ff46e1
new backup command to save keys on paper
...
Backup simply encodes a QRCode that can be printed on paper and
hidden in books or so, to keep physical backups of keys.
The QR can be simply scanned with any smartphone, saved into a file
and reused as a key.
2013-06-19 20:52:21 +02:00
Jaromil
8f4b0c6567
improvements to key handling
...
added a new 'change' command to change a Tomb's key
it replaces the same LUKS slot using luksChangeKey
2013-06-19 20:20:17 +02:00
Jaromil
9706ef1ab1
Index/Search support over file contents (Swish-e)
2013-06-12 18:15:55 +02:00
Jaromil
5c70938b67
create command deprecation
2013-06-12 15:39:46 +02:00
Jaromil
8e9fc7e803
Major fixes to KDF and steganography
...
With the advent of a proper test suite many bugs were found and
squashed both in the way KDF and steghide were used.
Key validation func is_valid_key() now attempts recovery for keys
that have broken headers or are naked text (back-compat to old exhume).
KDF and steg now work correctly.
2013-06-12 13:33:54 +02:00
Jaromil
bc3177141d
fix to tomb resize
...
also included into test script
2013-06-12 03:01:28 +02:00
Jaromil
8f9e9f9d2a
fixes to --tomb-pwd and new test script
2013-06-12 00:59:41 +02:00
Jaromil
61362ce34e
forge and create refuse to overwrite existing files
2013-06-11 23:37:20 +02:00
Jaromil
28a52f5851
fixes to the way paths are handled in load_keys
...
should fix issue #97
2013-06-11 18:34:17 +00:00
Jaromil
6e51d166be
search/index fixes
...
warning if mlocate not found and better search string handling
searches through all open tombs. mlocate seems to not support multiple strings well.
2013-06-11 16:49:58 +00:00
Jaromil
f43ab33872
Merge branch 'gpgfix' for gnupg result parsing and stdin keys
2013-06-11 15:57:20 +00:00
Jaromil
9e820f3de6
Fixes to GnuPG 1.4.11/1.4.12 result parsing
...
GnuPG 1 changes behaviour across 1.4.11 and 12 minor versions
when it comes to --status-fd and messaging on stderr/stdout.
This is a fix to make sure that gpg output is parsed correctly
2013-06-11 15:56:59 +00:00
Jaromil
772b731e5f
small fixes to tmpfile handling for key from stdin
2013-06-11 15:05:15 +00:00
gdrooid
d4b5d652f5
Fixed "tomb search" for real
...
Makes `tomb search` work as expected.
`tomb search tombname pattern` will search `pattern` in `tombname`.
2013-05-31 14:18:20 +03:00
gdrooid
778bca3864
Fixed "tomb search"
...
This way you can't specify a tomb to search in, but at least it will search for the patterns.
2013-05-30 20:24:51 +02:00
gdrooid
88b24de30a
Fixed 2 typos
...
changed a <tab> for a space
and corrected "sndexing"
2013-05-30 11:42:22 +03:00
Jaromil
c72ea9e52e
last cosmetics for release
...
pdf rendering of manpage, images and copyright to foundation
2013-05-29 23:12:47 +02:00
Jaromil
361a194700
fix to key password verification
...
last minute bug slipped in: it doesn't recognize correct passwords
in some strange situations where gnupg doesn't return correctly
(for instance when a .gnupg dir is not found in home)
2013-05-29 21:05:30 +00:00
Jaromil
2601dccb27
Temporary key from stdin
...
fix to temp dir and docu in help
2013-05-28 13:00:54 +02:00
Jaromil
917d8e8c6c
Literate programming documentation links
2013-05-28 12:53:26 +02:00
Jaromil
671350585e
Massive code cleanup
...
This commit doesn't change anything substantial in the code,
but reorganizes it in foldable units (we use folding.el) and
fixes its markup for literate code documentation using our own
fork of shocco.
2013-05-28 11:57:58 +02:00
Jaromil
110ae83cd1
Relevant improvements to key password handling
...
now keys are verified in load_key() honoring command line args
ask_key_password() will challenge user verifying using gnupg
drop_key() should be called after key has been used
this commit removes quite some duplicate code in password handling.
2013-05-27 22:49:44 +02:00
Jaromil
f37f7dd51d
Tomb size lower limit
...
Most filesystems can't deal with less than 10 MiB space
closes issue #68
2013-05-27 21:35:28 +02:00
Jaromil
568cc43ab6
Size unit is now MiB
...
More precise megabyte calculation as in IEC 2000 mebibyte
Cleans up use of dd/dcfldd
Solves issue #87
2013-05-27 21:24:17 +02:00
Jaromil
ad59dec3da
documentation updates
2013-05-25 16:29:19 +02:00
Jaromil
c20ca3a920
whitespace cleanup
2013-05-25 15:05:21 +02:00
Jaromil
37792ffdc5
cleanup of the main script
...
improved binary check, made resize optional
and set aside old install command (was already unused)
2013-05-25 15:04:16 +02:00
Jaromil
3eb93acc18
Directory reorganization
...
This commit re-organizes all the source distribution contents to
present users with the simple script, while moving the rest in extras.
Also autoconf/automake scripts were removed, back to minimalism.
The rationale of this change is that Tomb really only consists of a
script and users with no extra needs should just be presented with
it with no need for anything else. Any other thing on top of the Tomb
script is an extra and can be even distributed separately or integrated
in distributions.
2013-05-18 17:29:37 +02:00