diff options
author | Robin Krahl <robin.krahl@ireas.org> | 2020-09-06 23:44:18 +0200 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2020-09-07 10:05:15 -0700 |
commit | 4d25d79f18cd2c5627c46727b425c745c78cf942 (patch) | |
tree | dda037f0b979415c6307d3b91ce9e81bf5636939 | |
parent | 1f8e482cfebb13b64002d65e61e29932770388be (diff) | |
download | nitrocli-4d25d79f18cd2c5627c46727b425c745c78cf942.tar.gz nitrocli-4d25d79f18cd2c5627c46727b425c745c78cf942.tar.bz2 |
Fail if multiple matching devices are attached
Previously, we just applied our filter (if any) to all attached Nitrokey
devices and selected the first match when connection to a Nitrokey
device. This may lead to unexpected behavior if multiple devices are
attached. This patch changes the find_device function to return an
error if multiple matching devices are found.
-rw-r--r-- | CHANGELOG.md | 3 | ||||
-rw-r--r-- | doc/nitrocli.1 | 13 | ||||
-rw-r--r-- | doc/nitrocli.1.pdf | bin | 40791 -> 40972 bytes | |||
-rw-r--r-- | src/commands.rs | 7 |
4 files changed, 19 insertions, 4 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index f5b6c93..fc288ee 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,9 @@ Unreleased - Added `envy` dependency in version `0.4.1` - Added `merge` dependency in version `0.1.0` - Added `directories` dependency in version `3.0.1` +- Reworked connection handling for multiple attached Nitrokey devices: + - Fail if multiple attached devices match the filter options (or no filter + options are set) 0.3.4 diff --git a/doc/nitrocli.1 b/doc/nitrocli.1 index 74cc2d9..680af3b 100644 --- a/doc/nitrocli.1 +++ b/doc/nitrocli.1 @@ -1,4 +1,4 @@ -.TH NITROCLI 1 2020-09-01 +.TH NITROCLI 1 2020-09-07 .SH NAME nitrocli \- access Nitrokey devices .SH SYNOPSIS @@ -10,12 +10,17 @@ nitrocli \- access Nitrokey devices It supports the Nitrokey Pro and the Nitrokey Storage. It can be used to access the encrypted volume, the one-time password generator, and the password safe. +.SS Device selection +Per default, \fBnitrocli\fR connects to any attached Nitrokey device. +You can use the \fB\-\-model\fR option to select the device to connect to. +\fBnitrocli\fR fails if more than one attached Nitrokey device matches +this filter or if multiple Nitrokey devices are attached and this option +is not set. .SH OPTIONS .TP \fB\-m\fR, \fB\-\-model pro\fR|\fBstorage\fR -Restrict connections to the given device model. -If this option is not set, nitrocli will connect to any connected Nitrokey Pro -or Nitrokey Storage device. +Restrict connections to the given device model, see the Device selection +section. .TP \fB\-\-no\-cache\fR If this option is set, nitrocli will not cache any inquired secrets using diff --git a/doc/nitrocli.1.pdf b/doc/nitrocli.1.pdf Binary files differindex 0646c84..015f379 100644 --- a/doc/nitrocli.1.pdf +++ b/doc/nitrocli.1.pdf diff --git a/src/commands.rs b/src/commands.rs index ff95c31..05038e0 100644 --- a/src/commands.rs +++ b/src/commands.rs @@ -61,6 +61,13 @@ fn find_device(config: &config::Config) -> anyhow::Result<nitrokey::DeviceInfo> let device = iter .next() .with_context(|| format!("Nitrokey device not found{}", format_filter(config)))?; + + anyhow::ensure!( + iter.next().is_none(), + "Multiple Nitrokey devices found{}. Use the --model and --serial-number options to \ + select one", + format_filter(config) + ); Ok(device) } |