diff --git a/README.md b/README.md index 4ee4577ed1..1d54ce0c24 100644 --- a/README.md +++ b/README.md @@ -565,20 +565,12 @@ There are several configuration options available through the command line inter | **Option** | *Type* | Description | | ------------- | --------- | ----------- | -| `alwaystrust` | `bool` | Always trust public keys when encrypting. This trades some security against easier use. Use with caution. | | `askformore` | `bool` | If enabled - it will ask to add more data after use of `generate` command. | | `autoimport` | `bool` | Import missing keys stored in the pass repo (see `persistkeys`) without asking. | -| `autopull` | `bool` | Always do a `git pull` before a `git push`. Reduces the chance of git rejections. | -| `autopush` | `bool` | Always do a `git push` after a commit to the store. Makes sure your local changes are always available on your git remote. | +| `autosync` | `bool` | Always do a `git push` after a commit to the store. Makes sure your local changes are always available on your git remote. | | `cliptimeout` | `int` | How many seconds the secret is stored when using `-c`. | -| `gitrecurse` | `bool` | Automatically recurse any git operation to mounted sub-stores? | -| `loadkeys` | `bool` | Import missing keys store in the pass repo (see `persistkeys` and `autoimport`). | -| `debug` | `bool` | Enable debug output. | -| `nocolor` | `bool` | Disable colored output even on terminals. | | `noconfirm` | `bool` | Do not confirm recipient list when encrypting. | -| `nopager` | `bool` | Disable the pager feature when printing multi-page output. | | `path` | `string` | Path to the root store. | -| `persistkeys` | `bool` | Store every recipients public keys in the store. Makes it easier to set up an new machine or user. | | `safecontent` | `bool` | Only output _safe content_ (i.e. everything but the first line of a secret) to the terminal. Use _copy_ (`-c`) to retrieve the password in the clipboard. | ## API Stability 
diff --git a/action/action.go b/action/action.go index 56b4b38257..c4cb3591af 100644 --- a/action/action.go +++ b/action/action.go @@ -75,7 +75,7 @@ func New(v string) *Action { act.gpg = gpg.New(gpg.Config{ Debug: cfg.Debug, - AlwaysTrust: cfg.AlwaysTrust, + AlwaysTrust: true, }) return act diff --git a/action/git.go b/action/git.go index 5d6b3f83c0..788cee21d8 100644 --- a/action/git.go +++ b/action/git.go @@ -10,9 +10,9 @@ import ( // Git runs git commands inside the store or mounts func (s *Action) Git(c *cli.Context) error { store := c.String("store") - recurse := s.Store.GitRecurse() - if c.IsSet("recurse") { - recurse = c.Bool("recurse") + recurse := true + if c.IsSet("no-recurse") { + recurse = !c.Bool("no-recurse") } force := c.Bool("force") return s.Store.Git(store, recurse, force, c.Args()...) diff --git a/config/config.go b/config/config.go index 5efae6a1d0..a73ff8376b 100644 --- a/config/config.go +++ b/config/config.go 
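Review bot: `AlwaysTrust: true` in `New` is now unconditional, so trust handling for recipient keys can no longer be changed from the config, and the README row that warned "This trades some security against easier use" is deleted in the same commit. The same literal is hard-coded in the `gpg.New` calls in store/root/store.go and store/sub/store.go. If the option is meant to go away, record the decision at each call site, e.g. `// AlwaysTrust is forced on; recipient key trust is no longer configurable`, and keep a sentence in the README stating the behaviour. What the gpg wrapper does with the flag is not visible in this diff, so the exact effect on key validation should be confirmed.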
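Review bot: The `c.IsSet("no-recurse")` guard in `Git` is redundant now that the default is a constant; `recurse := !c.Bool("no-recurse")` should give the same result in one line, assuming an unset bool flag reads as false. The doc comment on `Git` should also say that git commands, including those run with `force`, now reach every mounted sub-store unless `--no-recurse` is passed.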
@@ -16,48 +16,32 @@ import ( // Config is the gopass config structure type Config struct { - AlwaysTrust bool `json:"alwaystrust"` // always trust public keys when encrypting - AskForMore bool `json:"askformore"` // ask for more data on generate - AutoImport bool `json:"autoimport"` // import missing public keys w/o asking - AutoPull bool `json:"autopull"` // pull from git before push - AutoPush bool `json:"autopush"` // push to git remote after commit - CheckRecipients bool `json:"checkrecipients"` // only encrypt to valid recipients - ClipTimeout int `json:"cliptimeout"` // clear clipboard after seconds - Debug bool `json:"debug"` // enable debug output - FsckFunc store.FsckCallback `json:"-"` - GitRecurse bool `json:"gitrecurse"` - ImportFunc store.ImportCallback `json:"-"` - LoadKeys bool `json:"loadkeys"` // load missing keys from store - Mounts map[string]string `json:"mounts,omitempty"` - NoColor bool `json:"nocolor"` // disable colors in output - NoConfirm bool `json:"noconfirm"` // do not confirm recipients when encrypting - NoPager bool `json:"nopager"` // do not start a pager for longer output - Path string `json:"path"` // path to the root store - PersistKeys bool `json:"persistkeys"` // store recipient keys in store - SafeContent bool `json:"safecontent"` // avoid showing passwords in terminal - Version string `json:"version"` + AskForMore bool `json:"askformore"` // ask for more data on generate + AutoImport bool `json:"autoimport"` // import missing public keys w/o asking + AutoSync bool `json:"autosync"` // push to git remote after commit, pull before push if necessary + ClipTimeout int `json:"cliptimeout"` // clear clipboard after seconds + Debug bool `json:"-"` + FsckFunc store.FsckCallback `json:"-"` + ImportFunc store.ImportCallback `json:"-"` + Mounts map[string]string `json:"mounts,omitempty"` + NoColor bool `json:"-"` + NoPager bool `json:"-"` + NoConfirm bool `json:"noconfirm"` // do not confirm recipients when encrypting + Path string 
`json:"path"` // path to the root store + SafeContent bool `json:"safecontent"` // avoid showing passwords in terminal + Version string `json:"version"` } // New creates a new config with sane default values func New() *Config { return &Config{ - AlwaysTrust: true, - AskForMore: false, - AutoImport: true, - AutoPull: true, - AutoPush: true, - CheckRecipients: true, - ClipTimeout: 45, - Debug: false, - GitRecurse: true, - LoadKeys: true, - Mounts: make(map[string]string), - NoColor: false, - NoConfirm: false, - NoPager: false, - PersistKeys: true, - SafeContent: false, - Version: "", + AskForMore: false, + AutoImport: true, + ClipTimeout: 45, + Mounts: make(map[string]string), + NoConfirm: false, + SafeContent: false, + Version: "", } } diff --git a/main.go b/main.go index a079ee387d..9c3becd136 100644 --- a/main.go +++ b/main.go @@ -300,8 +300,8 @@ func main() { Usage: "Store to operate on", }, cli.BoolFlag{ - Name: "recurse, r", - Usage: "Recurse to mounted sub-stores", + Name: "no-recurse, n", + Usage: "Do not recurse to mounted sub-stores", }, cli.BoolFlag{ Name: "force, f", diff --git a/store/root/config.go b/store/root/config.go index 65e6f4821f..2b4a3d2d1d 100644 --- a/store/root/config.go +++ b/store/root/config.go 
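Review bot: `New()` no longer gives the sync option a default: the old literal had `AutoPull: true` and `AutoPush: true`, but `AutoSync` is absent from the new one and so starts as false. If automatic sync is still meant to be on for fresh configs, add `AutoSync: true,` to the literal; otherwise the doc comment on `New` should state that sync is off by default. Separately, config files written by earlier versions still carry `alwaystrust`, `autopush` and `autopull` keys. The loader is outside this diff, but if it drops unknown keys silently, a user who had set `alwaystrust` to false gets no hint that the setting is no longer honoured, so a warning on load would help.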
@@ -9,24 +9,17 @@ import ( // Config returns this root stores config as a config struct func (s *Store) Config() *config.Config { c := &config.Config{ - AlwaysTrust: s.alwaysTrust, - AskForMore: s.askForMore, - AutoImport: s.autoImport, - AutoPull: s.autoPull, - AutoPush: s.autoPush, - CheckRecipients: s.checkRecipients, - ClipTimeout: s.clipTimeout, - Debug: s.debug, - GitRecurse: s.gitRecurse, - LoadKeys: s.loadKeys, - Mounts: make(map[string]string, len(s.mounts)), - NoColor: s.noColor, - NoConfirm: s.noConfirm, - NoPager: s.noPager, - Path: s.path, - PersistKeys: s.persistKeys, - SafeContent: s.safeContent, - Version: s.version, + AskForMore: s.askForMore, + AutoSync: s.autoSync, + ClipTimeout: s.clipTimeout, + Debug: s.debug, + Mounts: make(map[string]string, len(s.mounts)), + NoColor: s.noColor, + NoConfirm: s.noConfirm, + NoPager: s.noPager, + Path: s.path, + SafeContent: s.safeContent, + Version: s.version, } for alias, sub := range s.mounts { c.Mounts[alias] = sub.Path() @@ -40,21 +33,14 @@ func (s *Store) UpdateConfig(cfg *config.Config) error { if cfg == nil { return fmt.Errorf("invalid config") } - s.alwaysTrust = cfg.AlwaysTrust s.askForMore = cfg.AskForMore - s.autoImport = cfg.AutoImport - s.autoPull = cfg.AutoPull - s.autoPush = cfg.AutoPush - s.debug = cfg.Debug - s.checkRecipients = cfg.CheckRecipients + s.autoSync = cfg.AutoSync s.clipTimeout = cfg.ClipTimeout - s.gitRecurse = cfg.GitRecurse - s.loadKeys = cfg.LoadKeys + s.debug = cfg.Debug s.noColor = cfg.NoColor s.noConfirm = cfg.NoConfirm s.noPager = cfg.NoPager s.path = cfg.Path - s.persistKeys = cfg.PersistKeys s.safeContent = cfg.SafeContent // add any missing mounts 
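Review bot: `AutoImport` is dropped from both directions of the root store's config round trip: the literal in `Config()` no longer sets it, and `UpdateConfig` no longer copies `cfg.AutoImport` into `s.autoImport`. The field is still present in `config.Config`, in the README table and in the root `Store` struct. As written, `Config()` reports `AutoImport` as false whatever the store is using, and a changed value never reaches the running root store, so a user who turns off import-without-asking may still get it. Restore `AutoImport: s.autoImport,` in `Config()` and `s.autoImport = cfg.AutoImport` in `UpdateConfig`; both functions continue past the end of their hunks.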
@@ -89,24 +75,9 @@ func (s *Store) Alias() string { return "" } -// NoConfirm returns true if no recipients should be confirmed on encryption -func (s *Store) NoConfirm() bool { - return s.noConfirm -} - -// AutoPush returns the value of auto push -func (s *Store) AutoPush() bool { - return s.autoPush -} - -// AutoPull returns the value of auto pull +// AutoSync returns the value of auto sync func (s *Store) AutoPull() bool { - return s.autoPull -} - -// AutoImport returns the value of auto import -func (s *Store) AutoImport() bool { - return s.autoImport + return s.autoSync } // SafeContent returns the value of safe content @@ -129,7 +100,7 @@ func (s *Store) NoPager() bool { return s.noPager } -// GitRecurse returns true if we should recurse git operations to substores -func (s *Store) GitRecurse() bool { - return s.gitRecurse +// NoConfirm returns true if no recipients should be confirmed on encryption +func (s *Store) NoConfirm() bool { + return s.noConfirm } diff --git a/store/root/recipients.go b/store/root/recipients.go index 0526377699..19a104710a 100644 --- a/store/root/recipients.go +++ b/store/root/recipients.go @@ -42,10 +42,6 @@ func (r *Store) addRecipient(prefix string, root tree.Tree, recp string, pretty // ImportMissingPublicKeys import missing public keys in any substore func (r *Store) ImportMissingPublicKeys() error { - if !r.loadKeys { - return nil - } - for alias, sub := range r.mounts { if err := sub.ImportMissingPublicKeys(); err != nil { fmt.Println(color.RedString("[%s] Failed to import missing public keys: %s", alias, err)) @@ -58,10 +54,6 @@ func (r *Store) ImportMissingPublicKeys() error { // SaveRecipients persists the recipients to disk. Only useful if persist keys is // enabled func (r *Store) SaveRecipients() error { - if !r.persistKeys { - return nil - } - for alias, sub := range r.mounts { if err := sub.SaveRecipients(); err != nil { fmt.Println(color.RedString("[%s] Failed to save recipients: %s", alias, err)) 
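Review bot: The accessor is still named `AutoPull` while its new comment and body refer to auto sync, so the doc comment no longer starts with the method name and callers read a pull-only name for a setting that also pushes. Rename it to `func (s *Store) AutoSync() bool` and update the callers, or keep the old name as an alias and say so: `// AutoPull returns the value of auto sync. Deprecated: use AutoSync.`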
diff --git a/store/root/store.go b/store/root/store.go index 296c532552..0b9f32c18c 100644 --- a/store/root/store.go +++ b/store/root/store.go @@ -16,28 +16,22 @@ import ( // Store is the public facing password store type Store struct { - alwaysTrust bool // always trust public keys when encrypting - askForMore bool - autoImport bool // import missing public keys w/o asking - autoPull bool // pull from git before push - autoPush bool // push to git remote after commit - checkRecipients bool - clipTimeout int // clear clipboard after seconds - debug bool - fsckFunc store.FsckCallback - gpg *gpg.GPG - gitRecurse bool - importFunc store.ImportCallback - loadKeys bool // load missing keys from store - mounts map[string]*sub.Store - noColor bool // disable colors in output - noConfirm bool // do not confirm recipients when encrypting - noPager bool - path string // path to the root store - persistKeys bool // store recipient keys in store - safeContent bool // avoid showing passwords in terminal - store *sub.Store - version string + askForMore bool + autoImport bool + autoSync bool // push to git remote after commit + clipTimeout int // clear clipboard after seconds + debug bool + fsckFunc store.FsckCallback + gpg *gpg.GPG // TODO use gpger interface + importFunc store.ImportCallback + mounts map[string]*sub.Store + noColor bool // disable colors in output + noConfirm bool + noPager bool + path string // path to the root store + safeContent bool // avoid showing passwords in terminal + store *sub.Store + version string } // New creates a new store 
@@ -49,28 +43,22 @@ func New(cfg *config.Config) (*Store, error) { return nil, fmt.Errorf("need path") } r := &Store{ - alwaysTrust: cfg.AlwaysTrust, - askForMore: cfg.AskForMore, - autoImport: cfg.AutoImport, - autoPull: cfg.AutoPull, - autoPush: cfg.AutoPush, - checkRecipients: cfg.CheckRecipients, - clipTimeout: cfg.ClipTimeout, - debug: cfg.Debug, - fsckFunc: cfg.FsckFunc, - gitRecurse: cfg.GitRecurse, + askForMore: cfg.AskForMore, + autoImport: cfg.AutoImport, + autoSync: cfg.AutoSync, + clipTimeout: cfg.ClipTimeout, + debug: cfg.Debug, + fsckFunc: cfg.FsckFunc, gpg: gpg.New(gpg.Config{ Debug: cfg.Debug, - AlwaysTrust: cfg.AlwaysTrust, + AlwaysTrust: true, }), importFunc: cfg.ImportFunc, - loadKeys: cfg.LoadKeys, mounts: make(map[string]*sub.Store, len(cfg.Mounts)), noColor: cfg.NoColor, noConfirm: cfg.NoConfirm, noPager: cfg.NoPager, path: cfg.Path, - persistKeys: cfg.PersistKeys, safeContent: cfg.SafeContent, } diff --git a/store/sub/config.go b/store/sub/config.go index f4629c507d..e600695d91 100644 --- a/store/sub/config.go +++ b/store/sub/config.go @@ -9,18 +9,12 @@ import ( // Config returns this sub stores config as a config struct func (s *Store) Config() *config.Config { c := &config.Config{ - AlwaysTrust: s.alwaysTrust, - AutoImport: s.autoImport, - AutoPull: s.autoPull, - AutoPush: s.autoPush, - CheckRecipients: s.checkRecipients, - Debug: s.debug, - FsckFunc: s.fsckFunc, - ImportFunc: s.importFunc, - LoadKeys: s.loadKeys, - Mounts: make(map[string]string), - Path: s.path, - PersistKeys: s.persistKeys, + AutoSync: s.autoSync, + AutoImport: s.autoImport, + FsckFunc: s.fsckFunc, + ImportFunc: s.importFunc, + Mounts: make(map[string]string), + Path: s.path, } return c } 
@@ -30,17 +24,11 @@ func (s *Store) UpdateConfig(cfg *config.Config) error { if cfg == nil { return fmt.Errorf("invalid config") } - s.alwaysTrust = cfg.AlwaysTrust s.autoImport = cfg.AutoImport - s.autoPull = cfg.AutoPull - s.autoPush = cfg.AutoPush - s.checkRecipients = cfg.CheckRecipients - s.debug = cfg.Debug + s.autoSync = cfg.AutoSync s.fsckFunc = cfg.FsckFunc s.importFunc = cfg.ImportFunc - s.loadKeys = cfg.LoadKeys s.path = cfg.Path - s.persistKeys = cfg.PersistKeys // substores have no mounts diff --git a/store/sub/git.go b/store/sub/git.go index 6336a0a66d..dbeaf32208 100644 --- a/store/sub/git.go +++ b/store/sub/git.go @@ -28,10 +28,7 @@ func (s *Store) gitCmd(name string, args ...string) error { return err } // load keys only after git pull - if s.debug { - fmt.Printf("[DEBUG] loadKeys: %t - cmd.Args: %+v\n", s.loadKeys, cmd.Args) - } - if s.loadKeys && len(cmd.Args) > 1 && cmd.Args[1] == "pull" { + if len(cmd.Args) > 1 && cmd.Args[1] == "pull" { if s.debug { fmt.Printf("[DEBUG] importing possilby missing keys ...\n") } @@ -221,10 +218,8 @@ func (s *Store) gitPush(remote, branch string) error { return store.ErrGitNoRemote } - if s.autoPull { - if err := s.Git("pull", remote, branch); err != nil { - fmt.Println(color.YellowString("Failed to pull before git push: %s", err)) - } + if err := s.Git("pull", remote, branch); err != nil { + fmt.Println(color.YellowString("Failed to pull before git push: %s", err)) } return s.Git("push", remote, branch) diff --git a/store/sub/recipients.go b/store/sub/recipients.go index 6cbbe4666b..a26758a2c0 100644 --- a/store/sub/recipients.go +++ b/store/sub/recipients.go 
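Review bot: With the `s.loadKeys` guard removed in `gitCmd`, every `pull` is now followed by the key import, and the `gitPush` hunk makes the pull before a push unconditional, so each push path imports whatever public keys the remote delivered. Together with `AlwaysTrust: true` being hard-coded elsewhere in this commit, that leaves `autoimport` and the import callback as the only visible gate on keys arriving from the remote; the import code is outside this diff, so that gate should be confirmed. A comment above the condition would record the decision, e.g. `// keys are always imported after a pull; loadkeys is no longer configurable`. In `gitPush` a failed pull is only printed and the push still runs, which is worth stating in its doc comment. Both functions extend beyond their hunks.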
@@ -160,25 +160,6 @@ func (s *Store) saveRecipients(msg string) error { } } - if !s.persistKeys { - // push to remote repo - if s.autoPush { - if err := s.gitPush("", ""); err != nil { - if err == store.ErrGitNotInit { - return nil - } - if err == store.ErrGitNoRemote { - msg := "Warning: git has no remote. Ignoring auto-push option\n" + - "Run: gopass git remote add origin ..." - fmt.Println(color.YellowString(msg)) - return nil - } - return err - } - } - return nil - } - // save recipients' public keys if err := os.MkdirAll(filepath.Join(s.path, keyDir), dirMode); err != nil { return err @@ -203,19 +184,17 @@ func (s *Store) saveRecipients(msg string) error { } // push to remote repo - if s.autoPush { - if err := s.gitPush("", ""); err != nil { - if err == store.ErrGitNotInit { - return nil - } - if err == store.ErrGitNoRemote { - msg := "Warning: git has not remote. Ignoring auto-push option\n" + - "Run: gopass git remote add origin ..." - fmt.Println(color.YellowString(msg)) - return nil - } - return err + if err := s.gitPush("", ""); err != nil { + if err == store.ErrGitNotInit { + return nil } + if err == store.ErrGitNoRemote { + msg := "Warning: git has not remote. Ignoring auto-push option\n" + + "Run: gopass git remote add origin ..." + fmt.Println(color.YellowString(msg)) + return nil + } + return err } return nil diff --git a/store/sub/store.go b/store/sub/store.go index 6c6183ec50..e443eebf64 100644 --- a/store/sub/store.go +++ b/store/sub/store.go 
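Review bot: The push at the end of `saveRecipients` no longer consults any setting: the `if s.autoPush` wrapper was removed rather than renamed, while `SetConfirm`, `delete` and `reencrypt` in store/sub/store.go still check `s.autoSync`. A user with sync turned off will therefore still get a pull and a push, publishing recipient changes and the stored public keys, whenever recipients are saved. Put `if !s.autoSync { return nil }` ahead of the `gitPush` call, or add a comment saying that recipient changes are always pushed if that is intended. The warning text still says `Ignoring auto-push option` for an option that is now called autosync. `saveRecipients` starts above the hunk.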
@@ -34,20 +34,16 @@ type gpger interface { // Store is password store type Store struct { - alias string - alwaysTrust bool - autoImport bool - autoPull bool - autoPush bool - checkRecipients bool - debug bool - fsckFunc store.FsckCallback - importFunc store.ImportCallback - loadKeys bool - path string - persistKeys bool - recipients []string - gpg gpger + alias string + alwaysTrust bool + autoImport bool + autoSync bool + debug bool + fsckFunc store.FsckCallback + importFunc store.ImportCallback + path string + recipients []string + gpg gpger } // New creates a new store, copying settings from the given root store @@ -59,22 +55,17 @@ func New(alias string, cfg *config.Config) (*Store, error) { return nil, fmt.Errorf("Need path") } s := &Store{ - alias: alias, - alwaysTrust: cfg.AlwaysTrust, - autoImport: cfg.AutoImport, - autoPull: cfg.AutoPull, - autoPush: cfg.AutoPush, - checkRecipients: cfg.CheckRecipients, - debug: cfg.Debug, - fsckFunc: cfg.FsckFunc, - importFunc: cfg.ImportFunc, - loadKeys: cfg.LoadKeys, - path: cfg.Path, - persistKeys: cfg.PersistKeys, - recipients: make([]string, 0, 1), + alias: alias, + autoImport: cfg.AutoImport, + autoSync: cfg.AutoSync, + debug: cfg.Debug, + fsckFunc: cfg.FsckFunc, + importFunc: cfg.ImportFunc, + path: cfg.Path, + recipients: make([]string, 0, 1), gpg: gpg.New(gpg.Config{ Debug: cfg.Debug, - AlwaysTrust: cfg.AlwaysTrust, + AlwaysTrust: true, }), } @@ -282,10 +273,6 @@ func (s *Store) useableKeys() ([]string, error) { recipients := make([]string, len(s.recipients)) copy(recipients, s.recipients) - if !s.checkRecipients { - return recipients, nil - } - kl, err := s.gpg.FindPublicKeys(recipients...) if err != nil { return recipients, err @@ -346,7 +333,7 @@ func (s *Store) SetConfirm(name string, content []byte, reason string, cb store. return err } - if !s.autoPush { + if !s.autoSync { return nil } 
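Review bot: The `alwaysTrust` field survives in the sub store's `Store` struct, but the `New` hunk that follows no longer assigns it, so it stays false while the gpg wrapper is built with `AlwaysTrust: true`. Any code that still reads `s.alwaysTrust` would see the opposite of the effective setting; no such read is visible in this diff, so that needs checking. Delete the field, as the root store's struct does, or set `alwaysTrust: true,` in `New` so the two agree.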
@@ -495,7 +482,7 @@ func (s *Store) delete(name string, recurse bool) error { return err } - if s.autoPush { + if s.autoSync { if err := s.gitPush("", ""); err != nil { if err == store.ErrGitNotInit || err == store.ErrGitNoRemote { return nil @@ -528,8 +515,8 @@ func (s *Store) reencrypt(reason string) error { return err } // save original value of auto push - gitAutoPush := s.autoPush - s.autoPush = false + gitAutoSync := s.autoSync + s.autoSync = false for _, e := range entries { content, err := s.Get(e) if err != nil { @@ -541,9 +528,9 @@ func (s *Store) reencrypt(reason string) error { } } // restore value of auto push - s.autoPush = gitAutoPush + s.autoSync = gitAutoSync - if s.autoPush { + if s.autoSync { if err := s.gitPush("", ""); err != nil { if err == store.ErrGitNotInit { msg := "Warning: git is not initialized for this store. Ignoring auto-push option\n" +