| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
Adding field accessors makes the json nicer.
|
| | |
|
| |
|
|
|
|
|
|
| |
offer to back them up.
Only ask once per key.
This commit was sponsored by Thomas Hochstein on Patreon.
|
| |
|
|
| |
Not documented at all as expecting html in --text. Such bad documentation..
|
| | |
|
| |
|
|
|
|
|
| |
This will prevent --autostart from prompting to get the newly restored key
backed up again.
This commit was sponsored by Remy van Elst on Patreon.
|
| | |
|
| |
|
|
|
|
|
|
| |
This will be used later when keysafe --autostart prompts if the user wants
to back up their gpg key. Making the change now before the backup log
format gets frozen.
This commit was sponsored by Josh Taylor on Patreon.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--autostart mode currently only uploads queued keys, but it will later
be expanded to do more. Including checking the BackupRecord for problems
when necessary.
The autostart file is installed by keysafe --backup, so that when keysafe
is installed with stack, and used, it will make sure it autostarts in the
future.
The autostart file is installed by the Makefile too. This will later
let --autostart check for keys that have not been backed up and prompt
about backing them up. This way, the user won't need to remember to run
keysafe to back things up.
Reused Utility.FreeDesktop from git-annex, and had to add some stuff it
depends on.
This commit was sponsored by Fernando Jimenez on Patreon.
|
| |
|
|
|
| |
This is worth doing to support falling back to HOME on systems using LDAP
or NIS where getpwent fails.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This allows the server list to contain 3 servers although only 1 is running
so far; uploads to the others will be queued.
It also allows a server to be spread amoung multiple addresses, which may
be useful later for scaling.
This changes BackupRecord serialization, but it's not been in a keysafe
release yet, so that's not a problem.
This commit was sponsored by Boyd Stephen Smith Jr. on Patreon.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
To aid in backing up keysafe servers with minimal information leakage.
This commit was sponsored by Andrea Rota.
|
| |
|
|
|
|
|
| |
Allow deserializing SecretKeySource so we can later know what gpg keys are
backed up.
Converted KeyId to Text as JSON can't handle ByteString.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
instead of every 60.
|
| |
|
|
|
|
|
|
| |
of work.
This got out of whack when sections were converted to rationals; there were
buckets that needed trivial proofs of work, and having these extra buckets
increased the total possible throughput.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This reverts commit 0f0aa21ea11f6eae368326b178d4c3eaf5cc5186.
Dunno why, but this prevents it printing anything. Needs investigation.
|
| |
|
|
|
|
| |
Socks can throw exceptions at connection time, and these are not caught
by the ExceptT, so catch at a higher level, and catch all exceptions to
prevent the client crashing.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This can be deleted by the user at any time, but it's useful in case a
server is known to be compromised, or a problem is found with keysafe's
implementation that makes a backup insecure.
This commit was sponsored by Nick Daly on Patreon.
|
| | |
|
| |
|
|
|
|
|
|
| |
This is useful both to test the server throttling of uploads, and to make
it harder for servers to know if an object actually contains secret key
information.
This commit was sponsored by Brock Spratlen on Patreon.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
gpg2 2.1.15 seems to have added some new fields to the --with-colons
--list-secret-keys output. These include "fpr" and "grp", and come before
the "uid" line. So, the parser was giving up before it saw the name. Fix by
continueing to look for the uid line until the next "sec" line.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The server has to run the hash once to verify a request, so a hash that
took 4 seconds could make the server do too much work if it's being flooded
with requests.
So, made the hash much less expensive.
This required keeping track of fractional seconds. Actually, I used
Rational for them, to avoid most rounding problems. That turned out nice.
I've only tuned the proofOfWorkHashTunable on my fanless overheating
laptop so far. It seems to be fairly reasonablly tuned though.
|
