gitea-mirror/git-crypt
1
0
Fork 0
mirror of https://github.com/AGWA/git-crypt.git synced 2025-12-26 12:50:39 -08:00
Code Issues Packages Projects Releases Wiki Activity

Force Git to check out files by touching their mtimes

Browse Source 
Starting with Git 2.2.2, `git checkout -f HEAD` no longer checks out
files if their mtimes haven't changed.  This causes files to remain
encrypted in the work tree after running `git-crypt unlock`, and to
remain decrypted after running `git-crypt lock`'.

To fix this, git-crypt now figures out what files are encrypted (by
checking `git check-attr` on every file output by `git ls-files`),
touches those files, and then runs `git checkout` on them.
This commit is contained in:
Andrew Ayer
2015-01-27 21:15:07 -08:00
parent 2d2053296f
commit d5670c9552
1 changed files with 65 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
commands.cpp
View File

@@ -114,20 +114,16 @@ static void unconfigure_git_filters (const char* key_name)
git_unconfig("diff." + attribute_name(key_name));
}
static bool git_checkout_head (const std::string& top_dir)
static bool git_checkout (const std::vector<std::string>& paths)
{
std::vector<std::string> command;
command.push_back("git");
command.push_back("checkout");
command.push_back("-f");
command.push_back("HEAD");
command.push_back("--");
if (top_dir.empty()) {
command.push_back(".");
} else {
command.push_back(top_dir);
for (std::vector<std::string>::const_iterator path(paths.begin()); path != paths.end(); ++path) {
command.push_back(*path);
}
if (!successful_exit(exec_command(command))) {
@@ -260,18 +256,6 @@ static void get_git_status (std::ostream& output)
}
}
static bool check_if_head_exists ()
{
// git rev-parse HEAD
std::vector<std::string> command;
command.push_back("git");
command.push_back("rev-parse");
command.push_back("HEAD");
std::stringstream output;
return successful_exit(exec_command(command, output));
}
// returns filter and diff attributes as a pair
static std::pair<std::string, std::string> get_file_attributes (const std::string& filename)
{
@@ -372,6 +356,35 @@ static bool check_if_file_is_encrypted (const std::string& filename)
return check_if_blob_is_encrypted(object_id);
}
static void get_encrypted_files (std::vector<std::string>& files, const char* key_name)
{
// git ls-files -cz -- path_to_top
std::vector<std::string> command;
command.push_back("git");
command.push_back("ls-files");
command.push_back("-cz");
command.push_back("--");
const std::string path_to_top(get_path_to_top());
if (!path_to_top.empty()) {
command.push_back(path_to_top);
}
std::stringstream output;
if (!successful_exit(exec_command(command, output))) {
throw Error("'git ls-files' failed - is this a Git repository?");
}
while (output.peek() != -1) {
std::string filename;
std::getline(output, filename, '\0');
// TODO: get file attributes en masse for efficiency... unfortunately this requires machine-parseable output from git check-attr to be workable, and this is only supported in Git 1.8.5 and above (released 27 Nov 2013)
if (get_file_attributes(filename).first == attribute_name(key_name)) {
files.push_back(filename);
}
}
}
static void load_key (Key_file& key_file, const char* key_name, const char* key_path =0, const char* legacy_path =0)
{
if (legacy_path) {
@@ -785,23 +798,16 @@ void help_unlock (std::ostream& out)
}
int unlock (int argc, const char** argv)
{
// 0. Make sure working directory is clean (ignoring untracked files)
// We do this because we run 'git checkout -f HEAD' later and we don't
// want the user to lose any changes. 'git checkout -f HEAD' doesn't touch
// untracked files so it's safe to ignore those.
// 1. Make sure working directory is clean (ignoring untracked files)
// We do this because we check out files later, and we don't want the
// user to lose any changes. (TODO: only care if encrypted files are
// modified, since we only check out encrypted files)
// Running 'git status' also serves as a check that the Git repo is accessible.
std::stringstream status_output;
get_git_status(status_output);
// 1. Check to see if HEAD exists. See below why we do this.
bool head_exists = check_if_head_exists();
if (status_output.peek() != -1 && head_exists) {
// We only care that the working directory is dirty if HEAD exists.
// If HEAD doesn't exist, we won't be resetting to it (see below) so
// it doesn't matter that the working directory is dirty.
if (status_output.peek() != -1) {
std::clog << "Error: Working directory not clean." << std::endl;
std::clog << "Please commit your changes or 'git stash' them before running 'git-crypt unlock'." << std::endl;
return 1;
@@ -861,6 +867,7 @@ int unlock (int argc, const char** argv)
// 4. Install the key(s) and configure the git filters
std::vector<std::string> encrypted_files;
for (std::vector<Key_file>::iterator key_file(key_files.begin()); key_file != key_files.end(); ++key_file) {
std::string internal_key_path(get_internal_key_path(key_file->get_key_name()));
// TODO: croak if internal_key_path already exists???
@@ -871,18 +878,18 @@ int unlock (int argc, const char** argv)
}
configure_git_filters(key_file->get_key_name());
get_encrypted_files(encrypted_files, key_file->get_key_name());
}
// 5. Do a force checkout so any files that were previously checked out encrypted
// will now be checked out decrypted.
// If HEAD doesn't exist (perhaps because this repo doesn't have any files yet)
// just skip the checkout.
if (head_exists) {
if (!git_checkout_head(path_to_top)) {
std::clog << "Error: 'git checkout' failed" << std::endl;
std::clog << "git-crypt has been set up but existing encrypted files have not been decrypted" << std::endl;
return 1;
}
// 5. Check out the files that are currently encrypted.
// Git won't check out a file if its mtime hasn't changed, so touch every file first.
for (std::vector<std::string>::const_iterator file(encrypted_files.begin()); file != encrypted_files.end(); ++file) {
touch_file(*file);
}
if (!git_checkout(encrypted_files)) {
std::clog << "Error: 'git checkout' failed" << std::endl;
std::clog << "git-crypt has been set up but existing encrypted files have not been decrypted" << std::endl;
return 1;
}
return 0;
@@ -920,23 +927,16 @@ int lock (int argc, const char** argv)
return 2;
}
// 0. Make sure working directory is clean (ignoring untracked files)
// We do this because we run 'git checkout -f HEAD' later and we don't
// want the user to lose any changes. 'git checkout -f HEAD' doesn't touch
// untracked files so it's safe to ignore those.
// 1. Make sure working directory is clean (ignoring untracked files)
// We do this because we check out files later, and we don't want the
// user to lose any changes. (TODO: only care if encrypted files are
// modified, since we only check out encrypted files)
// Running 'git status' also serves as a check that the Git repo is accessible.
std::stringstream status_output;
get_git_status(status_output);
// 1. Check to see if HEAD exists. See below why we do this.
bool head_exists = check_if_head_exists();
if (status_output.peek() != -1 && head_exists) {
// We only care that the working directory is dirty if HEAD exists.
// If HEAD doesn't exist, we won't be resetting to it (see below) so
// it doesn't matter that the working directory is dirty.
if (status_output.peek() != -1) {
std::clog << "Error: Working directory not clean." << std::endl;
std::clog << "Please commit your changes or 'git stash' them before running 'git-crypt lock'." << std::endl;
return 1;
@@ -948,6 +948,7 @@ int lock (int argc, const char** argv)
std::string path_to_top(get_path_to_top());
// 3. unconfigure the git filters and remove decrypted keys
std::vector<std::string> encrypted_files;
if (all_keys) {
// unconfigure for all keys
std::vector<std::string> dirents = get_directory_contents(get_internal_keys_path().c_str());
@@ -956,6 +957,7 @@ int lock (int argc, const char** argv)
const char* this_key_name = (*dirent == "default" ? 0 : dirent->c_str());
remove_file(get_internal_key_path(this_key_name));
unconfigure_git_filters(this_key_name);
get_encrypted_files(encrypted_files, this_key_name);
}
} else {
// just handle the given key
@@ -971,18 +973,18 @@ int lock (int argc, const char** argv)
remove_file(internal_key_path);
unconfigure_git_filters(key_name);
get_encrypted_files(encrypted_files, key_name);
}
// 4. Do a force checkout so any files that were previously checked out decrypted
// will now be checked out encrypted.
// If HEAD doesn't exist (perhaps because this repo doesn't have any files yet)
// just skip the checkout.
if (head_exists) {
if (!git_checkout_head(path_to_top)) {
std::clog << "Error: 'git checkout' failed" << std::endl;
std::clog << "git-crypt has been locked but up but existing decrypted files have not been encrypted" << std::endl;
return 1;
}
// 4. Check out the files that are currently decrypted but should be encrypted.
// Git won't check out a file if its mtime hasn't changed, so touch every file first.
for (std::vector<std::string>::const_iterator file(encrypted_files.begin()); file != encrypted_files.end(); ++file) {
touch_file(*file);
}
if (!git_checkout(encrypted_files)) {
std::clog << "Error: 'git checkout' failed" << std::endl;
std::clog << "git-crypt has been locked but up but existing decrypted files have not been encrypted" << std::endl;
return 1;
}
return 0;