[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Patch: make tarsnap-keymgmt generate all keys by default



Howdy,

After setting up tarsnap I decided that I preferred to have my keys encrypted with a passphrase. I initially tried to accomplish that with:

$ tarsnap-keymgmt --passphrased --outkeyfile tarsnap-encrypted.key tarsnap.key

That seems to produce only subset of the keys, since the following fails:

$ tarsnap --keyfile tarsnap-encrypted.key --list-archives
Please enter passphrase for keyfile ec2-a.tarsnap.key:
tarsnap: The read authorization key is required for --list-archives but is not available

Here's a trivial patch that makes tarsnap-keymgmt generate all keys (CRYPTO_KEYMASK_USER) by default. Probably the man page should be updated, but that's beyond my ambition at the moment.

Also, I think crypto_keys_export should fail when the keys argument is 0. It looks like that could result in calling malloc(0).

I suppose another way of handling this would be to require that some keys be specified (and perhaps offering an --all option?).

Thanks,
Daniel




Attachment: keymgmt-default-all-keys.patch
Description: Binary data