diff options
author | Andrew Cady <d@jerkface.net> | 2014-05-07 02:30:48 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2014-05-07 02:30:48 -0400 |
commit | bfc85bbd625b252d537aaa924e9f8a963b2dfe33 (patch) | |
tree | 1bd3be74c29ba0716c2540df0f1d524842bb84b2 | |
parent | f48861d8f12c3603cb25d7b79768b6031b3bbd1c (diff) | |
parent | f02732b70e71d3c36d576822fa5c1a71a22294a0 (diff) |
Merge branch 'master' of ssh://localhost/~joe/repo/kiki
-rw-r--r-- | HACKING | 27 | ||||
-rw-r--r-- | KeyRing.hs | 24 | ||||
-rw-r--r-- | kiki.hs | 8 |
3 files changed, 49 insertions, 10 deletions
@@ -0,0 +1,27 @@ | |||
1 | |||
2 | This file is used to document items of interest to developers wishing to become | ||
3 | contributers to the kiki project. | ||
4 | |||
5 | === Dependencies Policy === | ||
6 | * The current approach in terms of library dependencies is as follows: | ||
7 | |||
8 | 1) It should work with libraries bundled with Debian on both | ||
9 | Debian Wheezy and Debian Jessie. | ||
10 | |||
11 | 2) Development occurs on Jessie first, and then the build is | ||
12 | backported to Wheezy. | ||
13 | |||
14 | 3) When backporting, it is preferred to use libraries available | ||
15 | in Wheezy unless the effort would be too great and then it is | ||
16 | prefered to use dependency versions that are already packaged for | ||
17 | Jessie. | ||
18 | |||
19 | 4) Exceptions can be made for must-have features in libraries | ||
20 | not packaged for Jessie. In which case, it is prefered to use | ||
21 | a version packaged for Sid, and if not available in Sid, | ||
22 | Experimental, and if not Experimental, then whatever is currently | ||
23 | available through cabal/hackage. And finally as a last resort, | ||
24 | whatever is available via git. | ||
25 | |||
26 | * This approach keeps the code base fresh without limiting it's ease of install | ||
27 | and utility on existing systems. | ||
@@ -134,7 +134,7 @@ import System.FilePath ( takeDirectory ) | |||
134 | import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr) | 134 | import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr) |
135 | import Data.IORef | 135 | import Data.IORef |
136 | import System.Posix.IO ( fdToHandle ) | 136 | import System.Posix.IO ( fdToHandle ) |
137 | import qualified Data.Traversable as Traversable ( mapM ) | 137 | import qualified Data.Traversable as Traversable |
138 | import Data.Traversable ( sequenceA ) | 138 | import Data.Traversable ( sequenceA ) |
139 | #if ! MIN_VERSION_base(4,6,0) | 139 | #if ! MIN_VERSION_base(4,6,0) |
140 | import GHC.Exts ( Down(..) ) | 140 | import GHC.Exts ( Down(..) ) |
@@ -204,7 +204,7 @@ data InputFile = HomeSec | |||
204 | -- ^ Contents will be read from the first descriptor and updated | 204 | -- ^ Contents will be read from the first descriptor and updated |
205 | -- content will be writen to the second. Note: Don't use Pipe | 205 | -- content will be writen to the second. Note: Don't use Pipe |
206 | -- for 'Wallet' files. (TODO: Wallet support) | 206 | -- for 'Wallet' files. (TODO: Wallet support) |
207 | deriving (Eq,Ord) | 207 | deriving (Eq,Ord,Show) |
208 | 208 | ||
209 | -- type UsageTag = String | 209 | -- type UsageTag = String |
210 | type Initializer = String | 210 | type Initializer = String |
@@ -1199,6 +1199,9 @@ writeHostsFiles krd ctx (hostdbs0,hostdbs,u1,gpgnames,outgoing_names) = do | |||
1199 | return $ map (first $ resolveForReport $ Just ctx) rs | 1199 | return $ map (first $ resolveForReport $ Just ctx) rs |
1200 | return $ concat rss | 1200 | return $ concat rss |
1201 | 1201 | ||
1202 | isSecretKey :: Packet -> Bool | ||
1203 | isSecretKey (SecretKeyPacket {}) = True | ||
1204 | isSecretKey _ = False | ||
1202 | 1205 | ||
1203 | buildKeyDB :: InputFileContext -> Maybe String -> KeyRingOperation | 1206 | buildKeyDB :: InputFileContext -> Maybe String -> KeyRingOperation |
1204 | -> IO (KikiCondition ((KeyDB | 1207 | -> IO (KikiCondition ((KeyDB |
@@ -1238,7 +1241,11 @@ buildKeyDB ctx grip0 keyring = do | |||
1238 | 1241 | ||
1239 | -- KeyRings (todo: KikiCondition reporting?) | 1242 | -- KeyRings (todo: KikiCondition reporting?) |
1240 | (spilled,mwk,grip,accs,keys,unspilled) <- do | 1243 | (spilled,mwk,grip,accs,keys,unspilled) <- do |
1244 | #if MIN_VERSION_containers(0,5,0) | ||
1241 | ringPackets <- Map.traverseWithKey readp ringMap | 1245 | ringPackets <- Map.traverseWithKey readp ringMap |
1246 | #else | ||
1247 | ringPackets <- Traversable.traverse (uncurry readp) $ Map.mapWithKey (,) ringMap | ||
1248 | #endif | ||
1242 | let _ = ringPackets :: Map.Map InputFile (StreamInfo, Message) | 1249 | let _ = ringPackets :: Map.Map InputFile (StreamInfo, Message) |
1243 | 1250 | ||
1244 | let grip = grip0 `mplus` (fingerprint <$> fstkey) | 1251 | let grip = grip0 `mplus` (fingerprint <$> fstkey) |
@@ -1250,8 +1257,7 @@ buildKeyDB ctx grip0 keyring = do | |||
1250 | keys :: Map.Map KeyKey MappedPacket | 1257 | keys :: Map.Map KeyKey MappedPacket |
1251 | keys = Map.foldl slurpkeys Map.empty | 1258 | keys = Map.foldl slurpkeys Map.empty |
1252 | $ Map.mapWithKey filterSecrets ringPackets | 1259 | $ Map.mapWithKey filterSecrets ringPackets |
1253 | where isSecretKey (SecretKeyPacket {}) = True | 1260 | where |
1254 | isSecretKey _ = False | ||
1255 | filterSecrets f (_,Message ps) = | 1261 | filterSecrets f (_,Message ps) = |
1256 | filter (isSecretKey . packet) | 1262 | filter (isSecretKey . packet) |
1257 | $ zipWith (mappedPacketWithHint fname) ps [1..] | 1263 | $ zipWith (mappedPacketWithHint fname) ps [1..] |
@@ -1284,7 +1290,11 @@ buildKeyDB ctx grip0 keyring = do | |||
1284 | r <- performManipulations doDecrypt rt1 mwk manip | 1290 | r <- performManipulations doDecrypt rt1 mwk manip |
1285 | try r $ \(rt2,report) -> do | 1291 | try r $ \(rt2,report) -> do |
1286 | return $ KikiSuccess (report,(info,flattenKeys acc $ rtKeyDB rt2)) | 1292 | return $ KikiSuccess (report,(info,flattenKeys acc $ rtKeyDB rt2)) |
1293 | #if MIN_VERSION_containers(0,5,0) | ||
1287 | in fmap sequenceA $ Map.traverseWithKey trans spilled | 1294 | in fmap sequenceA $ Map.traverseWithKey trans spilled |
1295 | #else | ||
1296 | in fmap sequenceA $ Traversable.traverse (uncurry trans) $ Map.mapWithKey (,) spilled | ||
1297 | #endif | ||
1288 | try transformed0 $ \transformed -> do | 1298 | try transformed0 $ \transformed -> do |
1289 | let db_rings = Map.foldlWithKey' mergeIt Map.empty transformed | 1299 | let db_rings = Map.foldlWithKey' mergeIt Map.empty transformed |
1290 | where | 1300 | where |
@@ -1670,13 +1680,14 @@ writeRingKeys krd rt {- db wk secring pubring -} unspilled = do | |||
1670 | d <- sortByHint f keyMappedPacket (Map.elems db') | 1680 | d <- sortByHint f keyMappedPacket (Map.elems db') |
1671 | acc <- maybeToList $ Map.lookup f0 (rtRingAccess rt) | 1681 | acc <- maybeToList $ Map.lookup f0 (rtRingAccess rt) |
1672 | only_public <- maybeToList $ wantedForFill acc (fill stream) d | 1682 | only_public <- maybeToList $ wantedForFill acc (fill stream) d |
1683 | guard $ only_public || isSecretKey (keyPacket d) | ||
1673 | case fill stream of | 1684 | case fill stream of |
1674 | KF_Match usage -> do grip <- maybeToList $ rtGrip rt | 1685 | KF_Match usage -> do grip <- maybeToList $ rtGrip rt |
1675 | flattenTop f only_public | 1686 | flattenTop f only_public |
1676 | $ filterNewSubs f (parseSpec grip usage) d | 1687 | $ filterNewSubs f (parseSpec grip usage) d |
1677 | _ -> flattenTop f only_public d | 1688 | _ -> flattenTop f only_public d |
1678 | new_packets = filter isnew x | 1689 | new_packets = filter isnew x |
1679 | where isnew p = isNothing (Map.lookup f $ locations p) | 1690 | where isnew p = isNothing (Map.lookup (resolveForReport Nothing f0) $ locations p) |
1680 | guard (not $ null new_packets) | 1691 | guard (not $ null new_packets) |
1681 | return ((f0,isMutable stream),(new_packets,x)) | 1692 | return ((f0,isMutable stream),(new_packets,x)) |
1682 | let (towrites,report) = (\f -> foldl f ([],[]) s) $ | 1693 | let (towrites,report) = (\f -> foldl f ([],[]) s) $ |
@@ -2404,7 +2415,8 @@ readPacketsFromFile ctx fname = do | |||
2404 | case decodeOrFail input of | 2415 | case decodeOrFail input of |
2405 | Right (_,_,msg ) -> msg | 2416 | Right (_,_,msg ) -> msg |
2406 | Left (_,_,_) -> | 2417 | Left (_,_,_) -> |
2407 | --trace (fname++": read fail") $ | 2418 | -- FIXME |
2419 | -- trace (fname++": read fail") $ | ||
2408 | Message [] | 2420 | Message [] |
2409 | #else | 2421 | #else |
2410 | return $ decode input | 2422 | return $ decode input |
@@ -84,7 +84,7 @@ import Data.OpenPGP.Util (verify,fingerprint) | |||
84 | [(a, Int)] -> [a] -> ([[a]], [a]) | 84 | [(a, Int)] -> [a] -> ([[a]], [a]) |
85 | readPublicKey :: Char8.ByteString -> RSAPublicKey | 85 | readPublicKey :: Char8.ByteString -> RSAPublicKey |
86 | show_all :: KeyDB -> IO () | 86 | show_all :: KeyDB -> IO () |
87 | show_key :: forall t. | 87 | show_id :: forall t. |
88 | String -> t -> Map.Map KeyRing.KeyKey KeyData -> IO () | 88 | String -> t -> Map.Map KeyRing.KeyKey KeyData -> IO () |
89 | show_pem :: String -> String -> KeyDB -> IO () | 89 | show_pem :: String -> String -> KeyDB -> IO () |
90 | show_ssh :: String -> String -> KeyDB -> IO () | 90 | show_ssh :: String -> String -> KeyDB -> IO () |
@@ -299,7 +299,7 @@ show_ssh keyspec wkgrip db = do | |||
299 | blob = Base64.encode (L.unpack bs) | 299 | blob = Base64.encode (L.unpack bs) |
300 | putStrLn $ "ssh-rsa " ++ blob | 300 | putStrLn $ "ssh-rsa " ++ blob |
301 | 301 | ||
302 | show_key keyspec wkgrip db = do | 302 | show_id keyspec wkgrip db = do |
303 | let s = parseSpec "" keyspec | 303 | let s = parseSpec "" keyspec |
304 | let ps = do | 304 | let ps = do |
305 | (_,k) <- filterMatches (fst s) (Map.toList db) | 305 | (_,k) <- filterMatches (fst s) (Map.toList db) |
@@ -750,7 +750,7 @@ sync bExport bImport bSecret cmdarg args_raw = do | |||
750 | let shspec = Map.fromList [("--show-wk", const $ show_wk (rtSecring rt) grip) | 750 | let shspec = Map.fromList [("--show-wk", const $ show_wk (rtSecring rt) grip) |
751 | {-,("--show-all",const show_all) | 751 | {-,("--show-all",const show_all) |
752 | ,("--show-whose-key", const $ show_whose_key input_key) | 752 | ,("--show-whose-key", const $ show_whose_key input_key) |
753 | ,("--show-key",\[x] -> show_key x $ fromMaybe "" grip) | 753 | ,("--show-key",\[x] -> show_id x $ fromMaybe "" grip) |
754 | ,("--show-pem",\[x] -> show_pem x $ fromMaybe "" grip) | 754 | ,("--show-pem",\[x] -> show_pem x $ fromMaybe "" grip) |
755 | ,("--show-ssh",\[x] -> show_ssh x $ fromMaybe "" grip) | 755 | ,("--show-ssh",\[x] -> show_ssh x $ fromMaybe "" grip) |
756 | ,("--show-wip",\[x] -> show_wip x $ fromMaybe "" grip)-} | 756 | ,("--show-wip",\[x] -> show_wip x $ fromMaybe "" grip)-} |
@@ -859,7 +859,7 @@ kiki "show" args = do | |||
859 | let shspec = Map.fromList [("--working", const $ show_wk (rtSecring rt) grip) | 859 | let shspec = Map.fromList [("--working", const $ show_wk (rtSecring rt) grip) |
860 | ,("--all",const show_all) | 860 | ,("--all",const show_all) |
861 | ,("--whose-key", const $ show_whose_key input_key) | 861 | ,("--whose-key", const $ show_whose_key input_key) |
862 | ,("--key",\[x] -> show_key x $ fromMaybe "" grip) | 862 | ,("--key",\[x] -> show_id x $ fromMaybe "" grip) |
863 | ,("--pem",\[x] -> show_pem x $ fromMaybe "" grip) | 863 | ,("--pem",\[x] -> show_pem x $ fromMaybe "" grip) |
864 | ,("--ssh",\[x] -> show_ssh x $ fromMaybe "" grip) | 864 | ,("--ssh",\[x] -> show_ssh x $ fromMaybe "" grip) |
865 | ,("--wip",\[x] -> show_wip x $ fromMaybe "" grip) | 865 | ,("--wip",\[x] -> show_wip x $ fromMaybe "" grip) |