The GIO-based module will no longer attempt to create parent
directories when writing a share. Parent directories are assumed
to exist, and the module will throw an error if they do not.
It is simpler and more consistent with the behavior of the other
modules.

The put_file of the libmtp-based scheme module now supports
sending a file to any (pre-existing) directory on the device,
instead of only the root directory.

Add the gfsec-split program to split a secret into shares,
dispatch the shares to specific locations, and write a
configuration file allowing the secret to be reconstituted using
the gfsec-use program.

Add a new function to the scheme module interface, to write a
file's contents at a specified location.
Only the file module implements this function for now.

Do not have the modules represent themselves with the
gfsec_scheme_module_t structure. Now a module must just take care
of providing the appropriate functions (currently only "get_file")
to perform the task.
The initialization function in scheme-module will assemble the
structures and call any initialization function required.

This patch introduces the notion of a "scheme module". Such a
module provides a "get_file" function to retrieve the contents of
a file located at a specified URI.
Currently available modules:
- the "file" module, supporting the "file://" URI scheme;
- the "libmtp" module, using the LibMTP library to support the
"mtp://" scheme;
- the "gio" module, using the GLib-GIO library to support the
"uuid://" and "label://" schemes.

The gfshare_ctx_free function of Libgfshare takes care of
randomizing the memory contents of its context before freeing it.
In order to do that, the gfshare_fill_rand global variable must
be initialized with a randomizing function.

In the static functions of the secretcfg module, do not check
the pointers passed as arguments. These functions are only called
from within that module, so we can be sure they are never called
with an invalid pointer.

Avoid cluttering of main by moving the hash value computation and
comparison into the get_share_data function. If the comparison is
invalid, return as if we did not find any data.

Before attempting to mount a GIO-backed volume, check if it is not
already mounted. Once the file has been retrieved, unmount the
volume only if we mounted it, but leave it mounted if it already was.

Allow overriding the OUTFILE parameter in the configuration file
with a -o, --output option on the command line. Also detect if no
output file has been specified, either in the configuration file
or on the command line.

Allow specifying a base filename (without extension) to the -c
option. A .conf extension will automatically be added when looking
for a configuration file in the XDG directory.

Spawn a shell (or any command specified on the command line) once
the secret has been reconstituted and wait for the child process
to terminate, then delete the secret.
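
The spawn, wait, delete sequence from the last entry above, as an added example that is not gfsec's own code. It assumes the reconstituted secret is written to a file; the function names, the 0600 mode and the zero-overwrite before unlinking are choices of this example.

```c
/* Added example (not gfsec code): expose a secret file only while a child runs. */
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <sys/wait.h>
#include <unistd.h>

/* Best-effort wipe: zero the file, then unlink it. On journaling or
 * copy-on-write filesystems the old blocks may outlive the overwrite. */
static void wipe_and_unlink(const char *path, size_t len)
{
    static const char zero[256];
    int fd = open(path, O_WRONLY);
    for (size_t off = 0; fd >= 0 && off < len; off += sizeof zero) {
        size_t n = len - off < sizeof zero ? len - off : sizeof zero;
        if (write(fd, zero, n) < 0)
            break;
    }
    if (fd >= 0) {
        fsync(fd);
        close(fd);
    }
    unlink(path);
}

/* Create `path` (mode 0600, must not already exist), run argv, wait for it,
 * then delete the secret. Returns the child's exit status, or -1 on error. */
int run_with_secret(const char *path, const void *secret, size_t len,
                    char *const argv[])
{
    int status = 0, reaped = 0;
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return -1;                  /* never touch a file we did not create */
    ssize_t written = write(fd, secret, len);
    close(fd);
    pid_t pid = written == (ssize_t)len ? fork() : -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);                 /* exec failed in the child */
    }
    if (pid > 0) {
        pid_t r;
        do { r = waitpid(pid, &status, 0); } while (r < 0 && errno == EINTR);
        reaped = r == pid;
    }
    wipe_and_unlink(path, len);     /* also runs when write or fork failed */
    return reaped && WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

The cleanup runs on every path after the file has been created, so a failed fork or a child that exits non-zero still leaves no secret behind.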