diff options
| author | Robin Krahl <robin.krahl@ireas.org> | 2020-09-06 23:44:18 +0200 |
|---|---|---|
| committer | Daniel Mueller <deso@posteo.net> | 2021-01-10 17:37:55 -0800 |
| commit | 6f029e744abc0f6d4cfe756d7e6b771be1be3999 (patch) | |
| tree | a97e03f1708d5d28673ca4864ba78bc17ca76929 | |
| parent | 0f163477f63d533f90b61c1f39423712567bf7ea (diff) | |
| download | nitrocli-6f029e744abc0f6d4cfe756d7e6b771be1be3999.tar.gz nitrocli-6f029e744abc0f6d4cfe756d7e6b771be1be3999.tar.bz2 | |
Fail if multiple matching devices are attached
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rw-r--r-- | doc/nitrocli.1 | 13 | ||||
| -rw-r--r-- | doc/nitrocli.1.pdf | bin | 40791 -> 40972 bytes | |||
| -rw-r--r-- | src/commands.rs | 7 |
4 files changed, 19 insertions, 4 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a73f3d0..3b96ecf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,9 @@ Unreleased - Added `envy` dependency in version `0.4.2` - Added `merge` dependency in version `0.1.0` - Added `directories` dependency in version `3.0.1` +- Reworked connection handling for multiple attached Nitrokey devices: + - Fail if multiple attached devices match the filter options (or no filter + options are set) 0.3.4 diff --git a/doc/nitrocli.1 b/doc/nitrocli.1 index 74cc2d9..680af3b 100644 --- a/doc/nitrocli.1 +++ b/doc/nitrocli.1 @@ -1,4 +1,4 @@ -.TH NITROCLI 1 2020-09-01 +.TH NITROCLI 1 2020-09-07 .SH NAME nitrocli \- access Nitrokey devices .SH SYNOPSIS @@ -10,12 +10,17 @@ nitrocli \- access Nitrokey devices It supports the Nitrokey Pro and the Nitrokey Storage. It can be used to access the encrypted volume, the one-time password generator, and the password safe. +.SS Device selection +Per default, \fBnitrocli\fR connects to any attached Nitrokey device. +You can use the \fB\-\-model\fR option to select the device to connect to. +\fBnitrocli\fR fails if more than one attached Nitrokey device matches +this filter or if multiple Nitrokey devices are attached and this option +is not set. .SH OPTIONS .TP \fB\-m\fR, \fB\-\-model pro\fR|\fBstorage\fR -Restrict connections to the given device model. -If this option is not set, nitrocli will connect to any connected Nitrokey Pro -or Nitrokey Storage device. +Restrict connections to the given device model, see the Device selection +section. .TP \fB\-\-no\-cache\fR If this option is set, nitrocli will not cache any inquired secrets using diff --git a/doc/nitrocli.1.pdf b/doc/nitrocli.1.pdf Binary files differindex 0646c84..015f379 100644 --- a/doc/nitrocli.1.pdf +++ b/doc/nitrocli.1.pdf diff --git a/src/commands.rs b/src/commands.rs index ac3d020..883110a 100644 --- a/src/commands.rs +++ b/src/commands.rs @@ -61,6 +61,13 @@ fn find_device(config: &config::Config) -> anyhow::Result<nitrokey::DeviceInfo> let device = iter .next() .with_context(|| format!("Nitrokey device not found{}", format_filter(config)))?; + + anyhow::ensure!( + iter.next().is_none(), + "Multiple Nitrokey devices found{}. Use the --model and --serial-number options to \ + select one", + format_filter(config) + ); Ok(device) } |