diff options
author | Jakob Unterwurzacher | 2017-05-30 19:01:32 +0200 |
---|---|---|
committer | Jakob Unterwurzacher | 2017-05-30 19:01:32 +0200 |
commit | 1e598e96fcd2ef53ab2ee1e2b408e4ebe920e59b (patch) | |
tree | 6dd5bcae81e54b4935ecda0817518eca0ee45ebc | |
parent | ca5f469ea334bc5e93e25dae11140887d77b9673 (diff) |
main: add "-info" option
Pretty-prints the config while stripping out sensitive
(and uninteresting) data
https://github.com/rfjakob/gocryptfs/issues/111
-rw-r--r-- | Documentation/MANPAGE.md | 10 | ||||
-rw-r--r-- | cli_args.go | 3 | ||||
-rw-r--r-- | help.go | 3 | ||||
-rw-r--r-- | info.go | 45 | ||||
-rw-r--r-- | main.go | 14 |
5 files changed, 72 insertions, 3 deletions
diff --git a/Documentation/MANPAGE.md b/Documentation/MANPAGE.md index c559bf1..054fc66 100644 --- a/Documentation/MANPAGE.md +++ b/Documentation/MANPAGE.md @@ -86,6 +86,16 @@ same name. By default, CIPHERDIR is used. #### -fusedebug Enable fuse library debug output +#### -h, -help +Print a short help text that shows the more-often used options. + +#### -hh +Long help text, shows all available options. + +#### -info +Pretty-print the contents of the config file for human consumption, +stripping out sensitive data. + #### -init Initialize encrypted directory diff --git a/cli_args.go b/cli_args.go index eb844e1..5f4b328 100644 --- a/cli_args.go +++ b/cli_args.go @@ -20,7 +20,7 @@ type argContainer struct { debug, init, zerokey, fusedebug, openssl, passwd, fg, version, plaintextnames, quiet, nosyslog, wpanic, longnames, allow_other, ro, reverse, aessiv, nonempty, raw64, - noprealloc, speed, hkdf, serialize_reads, forcedecode, hh bool + noprealloc, speed, hkdf, serialize_reads, forcedecode, hh, info bool masterkey, mountpoint, cipherdir, cpuprofile, extpass, memprofile, ko, passfile, ctlsock, fsname string // Configuration file name override @@ -126,6 +126,7 @@ func parseCliOpts() (args argContainer) { flagSet.BoolVar(&args.forcedecode, "forcedecode", false, "Force decode of files even if integrity check fails."+ " Requires gocryptfs to be compiled with openssl support and implies -openssl true") flagSet.BoolVar(&args.hh, "hh", false, "Show this long help text") + flagSet.BoolVar(&args.info, "info", false, "Display information about CIPHERDIR") flagSet.StringVar(&args.masterkey, "masterkey", "", "Mount with explicit master key") flagSet.StringVar(&args.cpuprofile, "cpuprofile", "", "Write cpu profile to specified file") flagSet.StringVar(&args.memprofile, "memprofile", "", "Write memory profile to specified file") @@ -7,7 +7,7 @@ import ( ) const tUsage = "" + - "Usage: " + tlog.ProgramName + " -init|-passwd [OPTIONS] CIPHERDIR\n" + + "Usage: " + tlog.ProgramName + " -init|-passwd|-info [OPTIONS] CIPHERDIR\n" + " or " + tlog.ProgramName + " [OPTIONS] CIPHERDIR MOUNTPOINT\n" // helpShort is what gets displayed when passed "-h" or on syntax error. @@ -27,6 +27,7 @@ Common Options (use -hh to show all): -h, -help This short help text -hh Long help text with all options -init Initialize encrypted directory + -info Display information about encrypted directory -masterkey Mount with explicit master key instead of password -nonempty Allow mounting over non-empty directory -nosyslog Do not redirect log messages to syslog @@ -0,0 +1,45 @@ +package main + +import ( + "encoding/json" + "fmt" + "io/ioutil" + "os" + "strings" + + "github.com/rfjakob/gocryptfs/internal/configfile" + "github.com/rfjakob/gocryptfs/internal/contentenc" + "github.com/rfjakob/gocryptfs/internal/exitcodes" + "github.com/rfjakob/gocryptfs/internal/tlog" +) + +// info pretty-prints the contents of the config file at "filename" for human +// consumption, stripping out sensitive data. +// This is called when you pass the "-info" option. +func info(filename string) { + // Read from disk + js, err := ioutil.ReadFile(filename) + if err != nil { + tlog.Fatal.Printf("info: ReadFile: %#v\n", err) + os.Exit(exitcodes.LoadConf) + } + // Unmarshal + var cf configfile.ConfFile + err = json.Unmarshal(js, &cf) + if err != nil { + tlog.Fatal.Printf("Failed to unmarshal config file") + os.Exit(exitcodes.LoadConf) + } + if cf.Version != contentenc.CurrentVersion { + tlog.Fatal.Printf("Unsupported on-disk format %d", cf.Version) + os.Exit(exitcodes.LoadConf) + } + // Pretty-print + fmt.Printf("Creator: %s\n", cf.Creator) + fmt.Printf("FeatureFlags: %s\n", strings.Join(cf.FeatureFlags, " ")) + fmt.Printf("EncryptedKey: %dB\n", len(cf.EncryptedKey)) + s := cf.ScryptObject + fmt.Printf("ScryptObject: Salt=%dB N=%d R=%d P=%d KeyLen=%d\n", + len(s.Salt), s.N, s.R, s.P, s.KeyLen) + os.Exit(0) +} @@ -214,7 +214,19 @@ func main() { } else { tlog.Debug.Printf("OpenSSL enabled") } - // Operation flags: -init or -passwd; otherwise: mount + // Operation flags + if args.info && args.init || args.info && args.passwd || args.passwd && args.init { + tlog.Fatal.Printf("At most one of -info, -init, -passwd is allowed") + os.Exit(exitcodes.Usage) + } + // "-info" + if args.info { + if flagSet.NArg() > 1 { + tlog.Fatal.Printf("Usage: %s -info CIPHERDIR", tlog.ProgramName) + os.Exit(exitcodes.Usage) + } + info(args.config) // does not return + } // "-init" if args.init { if flagSet.NArg() > 1 { |