trezor: show support in version string

Show enable_trezor in the version string if we were compiled
with `-tags enable_trezor`. And hide the `-trezor` flag from
the help output if we were not.

4 files changed, 19 insertions, 5 deletions

diff --git a/cli_args.go b/cli_args.go
index 114a27e..dd00658 100644
--- a/cli_args.go
+++ b/cli_args.go
@@ -12,6 +12,7 @@ import (
 	"github.com/rfjakob/gocryptfs/internal/configfile"
 	"github.com/rfjakob/gocryptfs/internal/exitcodes"
 	"github.com/rfjakob/gocryptfs/internal/prefer_openssl"
+	"github.com/rfjakob/gocryptfs/internal/readpassword"
 	"github.com/rfjakob/gocryptfs/internal/stupidgcm"
 	"github.com/rfjakob/gocryptfs/internal/tlog"
 )
@@ -152,7 +153,9 @@ func parseCliOpts() (args argContainer) {
 	flagSet.BoolVar(&args.sharedstorage, "sharedstorage", false, "Make concurrent access to a shared CIPHERDIR safer")
 	flagSet.BoolVar(&args.devrandom, "devrandom", false, "Use /dev/random for generating master key")
 	flagSet.BoolVar(&args.fsck, "fsck", false, "Run a filesystem check on CIPHERDIR")
-	flagSet.BoolVar(&args.trezor, "trezor", false, "Protect the masterkey using a SatoshiLabs Trezor instead of a password")
+	if readpassword.TrezorSupport {
+		flagSet.BoolVar(&args.trezor, "trezor", false, "Protect the masterkey using a SatoshiLabs Trezor instead of a password")
+	}
 
 	// Mount options with opposites
 	flagSet.BoolVar(&args.dev, "dev", false, "Allow device files")
diff --git a/internal/readpassword/trezor.go b/internal/readpassword/trezor.go
index 43e2805..a4d32cf 100644
--- a/internal/readpassword/trezor.go
+++ b/internal/readpassword/trezor.go
@@ -21,6 +21,8 @@ const (
 	trezorNonce             = "" // the "nonce" is optional and has no use in here
 	trezorKeyName           = "gocryptfs"
 	trezorKeyDerivationPath = `m/10019'/0'`
+	// TrezorSupport is true when gocryptfs has been compile with -tags enable_trezor
+	TrezorSupport = true
 )
 
 func trezorGetPin(title, description, ok, cancel string) ([]byte, error) {
diff --git a/internal/readpassword/trezor_disabled.go b/internal/readpassword/trezor_disabled.go
index c512f1b..96a6082 100644
--- a/internal/readpassword/trezor_disabled.go
+++ b/internal/readpassword/trezor_disabled.go
@@ -12,12 +12,14 @@ const (
 	// TrezorPayloadLen is the length of the payload data passed to Trezor's
 	// CipherKeyValue function.
 	TrezorPayloadLen = 32
+	// TrezorSupport is true when gocryptfs has been compile with -tags enable_trezor
+	TrezorSupport = false
 )
 
 // Trezor determinitically derives 32 bytes from the payload and the connected
 // USB security module.
 func Trezor(payload []byte) []byte {
-	tlog.Fatal.Printf("\"-trezor\" is not implemented yet.")
+	tlog.Fatal.Printf("This binary has been compiled without Trezor support")
 	os.Exit(1)
 	return nil
 }
diff --git a/main.go b/main.go
index f423cd1..26d09f5 100644
--- a/main.go
+++ b/main.go
@@ -129,16 +129,23 @@ func changePassword(args *argContainer) {
 // printVersion prints a version string like this:
 // gocryptfs v0.12-36-ge021b9d-dirty; go-fuse a4c968c; 2016-07-03 go1.6.2
 func printVersion() {
-	buildFlags := ""
+	var tagsSlice []string
 	if stupidgcm.BuiltWithoutOpenssl {
-		buildFlags = " without_openssl"
+		tagsSlice = append(tagsSlice, "without_openssl")
+	}
+	if readpassword.TrezorSupport {
+		tagsSlice = append(tagsSlice, "enable_trezor")
+	}
+	tags := ""
+	if tagsSlice != nil {
+		tags = " " + strings.Join(tagsSlice, " ")
 	}
 	built := fmt.Sprintf("%s %s", BuildDate, runtime.Version())
 	if raceDetector {
 		built += " -race"
 	}
 	fmt.Printf("%s %s%s; go-fuse %s; %s\n",
-		tlog.ProgramName, GitVersion, buildFlags, GitVersionFuse, built)
+		tlog.ProgramName, GitVersion, tags, GitVersionFuse, built)
 }
 
 func main() {