diff options
| author | Joey Hess <joeyh@joeyh.name> | 2016-09-26 14:11:32 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2016-09-26 14:15:52 -0400 |
| commit | a1d5de397cd1b12080e4652965591827e6d50c86 (patch) | |
| tree | b2385eb31dba6e130cd2af2bd6b298cb0bc7bc0f /keysafe.hs | |
| parent | 2c6a13f5db2671038efbfdcdb9c63f4758bd2e18 (diff) | |
| download | keysafe-a1d5de397cd1b12080e4652965591827e6d50c86.tar.gz | |
Randomize the server list.
May help avoid some correlations. Once there are many servers, will spread
the load out amoung them.
This commit was sponsored by Ethan Aubin.
Diffstat (limited to 'keysafe.hs')
| -rw-r--r-- | keysafe.hs | 19 |
1 files changed, 10 insertions, 9 deletions
@@ -114,7 +114,8 @@ backup cmdline ui tunables secretkeysource secretkey = do _ <- esk `deepseq` addpercent 25 _ <- sis `seq` addpercent 25 let step = 50 `div` sum (map S.size shares) - storeShares (cmdLineStorageLocations cmdline) sis shares (addpercent step) + locs <- cmdLineStorageLocations cmdline + storeShares locs sis shares (addpercent step) backuplog <- mkBackupLog $ backupMade (mapMaybe getServer locs) secretkeysource passwordentropy case r of StoreSuccess -> do @@ -224,7 +225,8 @@ restore cmdline ui possibletunables secretkeydest = do <$> promptPassword ui True "Enter password" passworddesc let mksis tunables = shareIdents tunables name secretkeydest - r <- downloadInitialShares storagelocations ui mksis possibletunables + locs <- cmdLineStorageLocations cmdline + r <- downloadInitialShares locs ui mksis possibletunables case r of Nothing -> showError ui "No shares could be downloaded. Perhaps you entered the wrong name?" Just (tunables, shares, sis, usedservers) -> do @@ -236,12 +238,11 @@ restore cmdline ui possibletunables secretkeydest = do Right esk -> do final <- withProgress ui "Decrypting" (decryptdesc cost cores) $ \setpercent -> - go tunables [shares] usedservers sis setpercent $ + go locs tunables [shares] usedservers sis setpercent $ tryDecrypt candidatekeys esk final =<< getPasswordEntropy password name where - storagelocations = cmdLineStorageLocations cmdline - go tunables firstshares firstusedservers sis setpercent r = case r of + go locs tunables firstshares firstusedservers sis setpercent r = case r of DecryptFailed -> return $ \_ -> showError ui "Decryption failed! Probably you entered the wrong password." DecryptSuccess secretkey -> do @@ -257,13 +258,13 @@ restore cmdline ui possibletunables secretkeydest = do DecryptIncomplete kek -> do -- Download shares for another chunk. (nextshares, sis', nextusedservers) - <- retrieveShares storagelocations sis (return ()) + <- retrieveShares locs sis (return ()) let shares = firstshares ++ [nextshares] let usedservers = nub (firstusedservers ++ nextusedservers) case combineShares tunables shares of Left e -> return $ \_ -> showError ui e Right esk -> - go tunables shares usedservers sis' setpercent $ + go locs tunables shares usedservers sis' setpercent $ decrypt kek esk namedesc = unlines [ "When you backed up your secret key, you entered some information." @@ -337,9 +338,9 @@ userName = do u <- getUserEntryForID =<< getEffectiveUserID return $ Name $ BU8.fromString $ takeWhile (/= ',') (userGecos u) -cmdLineStorageLocations :: CmdLine.CmdLine -> StorageLocations +cmdLineStorageLocations :: CmdLine.CmdLine -> IO StorageLocations cmdLineStorageLocations cmdline - | CmdLine.localstorage cmdline = localStorageLocations lsd + | CmdLine.localstorage cmdline = return (localStorageLocations lsd) | otherwise = networkStorageLocations lsd where lsd = CmdLine.localstoragedirectory cmdline |