From bd054e70ef1c0f9709b5bc216ba148cf088d7edb Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Wed, 15 Aug 2018 23:31:37 +0200 Subject: [PATCH] trezor: show support in version string Show enable_trezor in the version string if we were compiled with `-tags enable_trezor`. And hide the `-trezor` flag from the help output if we were not. --- cli_args.go | 5 ++++- internal/readpassword/trezor.go | 2 ++ internal/readpassword/trezor_disabled.go | 4 +++- main.go | 13 ++++++++++--- 4 files changed, 19 insertions(+), 5 deletions(-) diff --git a/cli_args.go b/cli_args.go index 114a27e..dd00658 100644 --- a/cli_args.go +++ b/cli_args.go @@ -12,6 +12,7 @@ import ( "github.com/rfjakob/gocryptfs/internal/configfile" "github.com/rfjakob/gocryptfs/internal/exitcodes" "github.com/rfjakob/gocryptfs/internal/prefer_openssl" + "github.com/rfjakob/gocryptfs/internal/readpassword" "github.com/rfjakob/gocryptfs/internal/stupidgcm" "github.com/rfjakob/gocryptfs/internal/tlog" ) @@ -152,7 +153,9 @@ func parseCliOpts() (args argContainer) { flagSet.BoolVar(&args.sharedstorage, "sharedstorage", false, "Make concurrent access to a shared CIPHERDIR safer") flagSet.BoolVar(&args.devrandom, "devrandom", false, "Use /dev/random for generating master key") flagSet.BoolVar(&args.fsck, "fsck", false, "Run a filesystem check on CIPHERDIR") - flagSet.BoolVar(&args.trezor, "trezor", false, "Protect the masterkey using a SatoshiLabs Trezor instead of a password") + if readpassword.TrezorSupport { + flagSet.BoolVar(&args.trezor, "trezor", false, "Protect the masterkey using a SatoshiLabs Trezor instead of a password") + } // Mount options with opposites flagSet.BoolVar(&args.dev, "dev", false, "Allow device files") diff --git a/internal/readpassword/trezor.go b/internal/readpassword/trezor.go index 43e2805..a4d32cf 100644 --- a/internal/readpassword/trezor.go +++ b/internal/readpassword/trezor.go @@ -21,6 +21,8 @@ const ( trezorNonce = "" // the "nonce" is optional and has no use in here trezorKeyName = "gocryptfs" trezorKeyDerivationPath = `m/10019'/0'` + // TrezorSupport is true when gocryptfs has been compile with -tags enable_trezor + TrezorSupport = true ) func trezorGetPin(title, description, ok, cancel string) ([]byte, error) { diff --git a/internal/readpassword/trezor_disabled.go b/internal/readpassword/trezor_disabled.go index c512f1b..96a6082 100644 --- a/internal/readpassword/trezor_disabled.go +++ b/internal/readpassword/trezor_disabled.go @@ -12,12 +12,14 @@ const ( // TrezorPayloadLen is the length of the payload data passed to Trezor's // CipherKeyValue function. TrezorPayloadLen = 32 + // TrezorSupport is true when gocryptfs has been compile with -tags enable_trezor + TrezorSupport = false ) // Trezor determinitically derives 32 bytes from the payload and the connected // USB security module. func Trezor(payload []byte) []byte { - tlog.Fatal.Printf("\"-trezor\" is not implemented yet.") + tlog.Fatal.Printf("This binary has been compiled without Trezor support") os.Exit(1) return nil } diff --git a/main.go b/main.go index f423cd1..26d09f5 100644 --- a/main.go +++ b/main.go @@ -129,16 +129,23 @@ func changePassword(args *argContainer) { // printVersion prints a version string like this: // gocryptfs v0.12-36-ge021b9d-dirty; go-fuse a4c968c; 2016-07-03 go1.6.2 func printVersion() { - buildFlags := "" + var tagsSlice []string if stupidgcm.BuiltWithoutOpenssl { - buildFlags = " without_openssl" + tagsSlice = append(tagsSlice, "without_openssl") + } + if readpassword.TrezorSupport { + tagsSlice = append(tagsSlice, "enable_trezor") + } + tags := "" + if tagsSlice != nil { + tags = " " + strings.Join(tagsSlice, " ") } built := fmt.Sprintf("%s %s", BuildDate, runtime.Version()) if raceDetector { built += " -race" } fmt.Printf("%s %s%s; go-fuse %s; %s\n", - tlog.ProgramName, GitVersion, buildFlags, GitVersionFuse, built) + tlog.ProgramName, GitVersion, tags, GitVersionFuse, built) } func main() {