[prev in list] [next in list] [prev in thread] [next in thread]
List: password-store
Subject: Re: [pass] [PATCH] Added show obfuscation
From: Andrew DeMaria <ademariad () gmail ! com>
Date: 2015-11-28 17:19:07
Message-ID: CAHkd+q0wKsu8Lpd+1YUNwHsrBSjYjXvRpNxcv37hCTRSVzS=JA () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
Fixed spacing that was ruined by a copy-paste.
On Sat, Nov 28, 2015 at 10:16 AM, Andrew DeMaria <ademariad@gmail.com>
wrote:
> I had wrote this a couple weeks ago, but just now noticed another patch
> submitted to the list. To highlight the couple of differences, this patch
> also makes "show" only display one line by default. The reason I did this
> was that it allowed for control of how many lines were displayed regardless
> of whether clip is used or not. It also makes it clear when using the
> colored output what to actually copy for the password.
>
> In addition, this uses the tput to actually output the control sequences.
>
> On Sat, Nov 28, 2015 at 10:06 AM, Andrew DeMaria <ademariad@gmail.com>
> wrote:
>
>> - Hides shown text using terminal color codes by default
>> - Adds --no-color/-n option to remove coloring
>> - By default display only the first line regardless of whether clip is
>> specified
>> - Full output can be toggled with --full/-f
>> ---
>> src/completion/pass.bash-completion | 2 +-
>> src/completion/pass.fish-completion | 2 ++
>> src/completion/pass.zsh-completion | 6 +++++-
>> src/password-store.sh | 28 ++++++++++++++++++++--------
>> 4 files changed, 28 insertions(+), 10 deletions(-)
>>
>> diff --git a/src/completion/pass.bash-completion
>> b/src/completion/pass.bash-completion
>> index efd4b70..bfd2492 100644
>> --- a/src/completion/pass.bash-completion
>> +++ b/src/completion/pass.bash-completion
>> @@ -80,7 +80,7 @@ _pass()
>> _pass_complete_entries
>> ;;
>> show|-*)
>> - COMPREPLY+=($(compgen -W "-c --clip" -- ${cur}))
>> + COMPREPLY+=($(compgen -W "-c --clip -n --no-color -f
>> --full" -- ${cur}))
>> _pass_complete_entries 1
>> ;;
>> insert)
>> diff --git a/src/completion/pass.fish-completion
>> b/src/completion/pass.fish-completion
>> index c32a42c..5913224 100644
>> --- a/src/completion/pass.fish-completion
>> +++ b/src/completion/pass.fish-completion
>> @@ -98,6 +98,8 @@ complete -c $PROG -f -A -n '__fish_pass_uses_command
>> edit' -a "(__fish_pass_prin
>>
>> complete -c $PROG -f -A -n '__fish_pass_needs_command' -a show -d
>> 'Command: show existing password'
>> complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s c -l clip
>> -d 'Put password in clipboard'
>> +complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s n -l
>> no-color -d 'Do not colorize text'
>> +complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s f -l full
>> -d 'Output the full password'
>> complete -c $PROG -f -A -n '__fish_pass_uses_command show' -a
>> "(__fish_pass_print_entries)"
>> # When no command is given, `show` is defaulted.
>> complete -c $PROG -f -A -n '__fish_pass_needs_command' -s c -l clip -d
>> 'Put password in clipboard'
>> diff --git a/src/completion/pass.zsh-completion
>> b/src/completion/pass.zsh-completion
>> index 9bb3f97..3b0259a 100644
>> --- a/src/completion/pass.zsh-completion
>> +++ b/src/completion/pass.zsh-completion
>> @@ -108,7 +108,11 @@ _pass () {
>> _pass_cmd_show () {
>> _arguments : \
>> "-c[put it on the clipboard]" \
>> - "--clip[put it on the clipboard]"
>> + "--clip[put it on the clipboard]" \
>> + "--full[Output the entire text]" \
>> + "-f[Output the entire text]" \
>> + "--no-color[Do not colorize output]" \
>> + "-n[Do not colorize output]"
>> _pass_complete_entries
>> }
>> _pass_complete_entries_helper () {
>> diff --git a/src/password-store.sh b/src/password-store.sh
>> index d535a74..e4f33d6 100755
>> --- a/src/password-store.sh
>> +++ b/src/password-store.sh
>> @@ -16,6 +16,9 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
>> X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
>> CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
>>
>> +SHOW_PASS_OBFUS='{ echo -en "$(tput setaf 1)$(tput setab 1)"; cat -;
>> echo -en "$(tput sgr0)"; }'
>> +SHOW_PASS_CLEAR='{ cat -; }'
>> +
>> export GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
>> export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
>>
>> @@ -223,9 +226,11 @@ cmd_usage() {
>> List passwords.
>> $PROGRAM find pass-names...
>> List passwords that match pass-names.
>> - $PROGRAM [show] [--clip,-c] pass-name
>> + $PROGRAM [show] [--clip,-c] [--no-color,-n] [--full,-f] pass-name
>> Show existing password and optionally put it on the
>> clipboard.
>> + If no color is specified the password will be shown in
>> non-colorized text.
>> If put on the clipboard, it will be cleared in $CLIP_TIME
>> seconds.
>> + If full is specified the entire contents will be used
>> (copied or displayed), not just the first line
>> $PROGRAM grep search-string
>> Search for password files containing search-string when
>> decrypted.
>> $PROGRAM insert [--echo,-e | --multiline,-m] [--force,-f]
>> pass-name
>> @@ -294,26 +299,33 @@ cmd_init() {
>> }
>>
>> cmd_show() {
>> - local opts clip=0
>> - opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- "$@")"
>> + local opts clip=0 no_color=0 full=0
>> + opts="$($GETOPT -o cnf -l clip,no-color,full -n "$PROGRAM" -- "$@")"
>> local err=$?
>> eval set -- "$opts"
>> while true; do case $1 in
>> -c|--clip) clip=1; shift ;;
>> + -n|--no-color) no_color=1; shift ;;
>> + -f|--full) full=1; shift ;;
>> --) shift; break ;;
>> esac done
>>
>> - [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c]
>> [pass-name]"
>> + [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c]
>> [--no-color,-n] [--full,-f] [pass-name]"
>>
>> local path="$1"
>> local passfile="$PREFIX/$path.gpg"
>> check_sneaky_paths "$path"
>> if [[ -f $passfile ]]; then
>> - if [[ $clip -eq 0 ]]; then
>> - $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
>> + local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile")"
>> + if [[ $full -eq 0 ]]; then
>> + local pass=$(echo "${pass}" | head -n 1 -)
>> + fi
>> + [[ -n $pass ]] || exit 1
>> + if [[ $clip -eq 0 && $no_color -eq 0 ]]; then
>> + echo "${pass}" | eval "${SHOW_PASS_OBFUS}"
>> + elif [[ $clip -eq 0 ]]; then
>> + echo "${pass}" | eval "${SHOW_PASS_CLEAR}"
>> else
>> - local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n
>> 1)"
>> - [[ -n $pass ]] || exit 1
>> clip "$pass" "$path"
>> fi
>> elif [[ -d $PREFIX/$path ]]; then
>> --
>> 2.6.2
>>
>>
>>
>
[Attachment #5 (text/html)]
<div dir="ltr">Fixed spacing that was ruined by a copy-paste.<br></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Sat, Nov 28, 2015 at 10:16 AM, \
Andrew DeMaria <span dir="ltr"><<a href="mailto:ademariad@gmail.com" \
target="_blank">ademariad@gmail.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr"><div>I had wrote this a couple weeks ago, but \
just now noticed another patch submitted to the list. To highlight the couple of \
differences, this patch also makes "show" only display one line by default. \
The reason I did this was that it allowed for control of how many lines were \
displayed regardless of whether clip is used or not. It also makes it clear when \
using the colored output what to actually copy for the password.<br><br></div>In \
addition, this uses the tput to actually output the control sequences.<br></div><div \
class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div \
class="gmail_quote">On Sat, Nov 28, 2015 at 10:06 AM, Andrew DeMaria <span \
dir="ltr"><<a href="mailto:ademariad@gmail.com" \
target="_blank">ademariad@gmail.com</a>></span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="ltr">- Hides shown text using terminal color codes \
by default<br><div><div>- Adds --no-color/-n option to remove coloring<br>- By \
default display only the first line regardless of whether clip is specified<br>- Full \
output can be toggled with --full/-f<br>---<br> src/completion/pass.bash-completion \
| 2 +-<br> src/completion/pass.fish-completion | 2 ++<br> \
src/completion/pass.zsh-completion | 6 +++++-<br> src/password-store.sh \
| 28 ++++++++++++++++++++--------<br> 4 files changed, 28 insertions(+), 10 \
deletions(-)<br><br>diff --git a/src/completion/pass.bash-completion \
b/src/completion/pass.bash-completion<br>index efd4b70..bfd2492 100644<br>--- \
a/src/completion/pass.bash-completion<br>+++ \
b/src/completion/pass.bash-completion<br>@@ -80,7 +80,7 @@ _pass()<br> \
_pass_complete_entries<br> ;;<br> \
show|-*)<br>- COMPREPLY+=($(compgen -W "-c \
--clip" -- ${cur}))<br>+ COMPREPLY+=($(compgen -W \
"-c --clip -n --no-color -f --full" -- ${cur}))<br> \
_pass_complete_entries 1<br> ;;<br> \
insert)<br>diff --git a/src/completion/pass.fish-completion \
b/src/completion/pass.fish-completion<br>index c32a42c..5913224 100644<br>--- \
a/src/completion/pass.fish-completion<br>+++ \
b/src/completion/pass.fish-completion<br>@@ -98,6 +98,8 @@ complete -c $PROG -f -A -n \
'__fish_pass_uses_command edit' -a "(__fish_pass_prin<br><br> complete \
-c $PROG -f -A -n '__fish_pass_needs_command' -a show -d 'Command: show \
existing password'<br> complete -c $PROG -f -A -n '__fish_pass_uses_command \
show' -s c -l clip -d 'Put password in clipboard'<br>+complete -c $PROG \
-f -A -n '__fish_pass_uses_command show' -s n -l no-color -d 'Do not \
colorize text'<br>+complete -c $PROG -f -A -n '__fish_pass_uses_command \
show' -s f -l full -d 'Output the full password'<br> complete -c $PROG \
-f -A -n '__fish_pass_uses_command show' -a \
"(__fish_pass_print_entries)"<br> # When no command is given, `show` is \
defaulted.<br> complete -c $PROG -f -A -n '__fish_pass_needs_command' -s c \
-l clip -d 'Put password in clipboard'<br>diff --git \
a/src/completion/pass.zsh-completion b/src/completion/pass.zsh-completion<br>index \
9bb3f97..3b0259a 100644<br>--- a/src/completion/pass.zsh-completion<br>+++ \
b/src/completion/pass.zsh-completion<br>@@ -108,7 +108,11 @@ _pass () {<br> \
_pass_cmd_show () {<br> _arguments : \<br> "-c[put it on \
the clipboard]" \<br>- "--clip[put it on the \
clipboard]"<br>+ "--clip[put it on the clipboard]" \<br>+ \
"--full[Output the entire text]" \<br>+ "-f[Output the \
entire text]" \<br>+ "--no-color[Do not colorize output]" \
\<br>+ "-n[Do not colorize output]"<br> \
_pass_complete_entries<br> }<br> _pass_complete_entries_helper () {<br>diff --git \
a/src/password-store.sh b/src/password-store.sh<br>index d535a74..e4f33d6 \
100755<br>--- a/src/password-store.sh<br>+++ b/src/password-store.sh<br>@@ -16,6 \
+16,9 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"<br> \
X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"<br> \
CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"<br><br>+SHOW_PASS_OBFUS='{ \
echo -en "$(tput setaf 1)$(tput setab 1)"; cat -; echo -en "$(tput \
sgr0)"; }'<br>+SHOW_PASS_CLEAR='{ cat -; }'<br>+<br> export \
GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"<br> export \
GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"<br><br>@@ -223,9 +226,11 @@ \
cmd_usage() {<br> List passwords.<br> $PROGRAM \
find pass-names...<br> List passwords that match \
pass-names.<br>- $PROGRAM [show] [--clip,-c] pass-name<br>+ \
$PROGRAM [show] [--clip,-c] [--no-color,-n] [--full,-f] pass-name<br> \
Show existing password and optionally put it on the clipboard.<br>+ \
If no color is specified the password will be shown in non-colorized text.<br> \
If put on the clipboard, it will be cleared in $CLIP_TIME seconds.<br>+ \
If full is specified the entire contents will be used (copied or displayed), not just \
the first line<br> $PROGRAM grep search-string<br> \
Search for password files containing search-string when decrypted.<br> \
$PROGRAM insert [--echo,-e | --multiline,-m] [--force,-f] pass-name<br>@@ -294,26 \
+299,33 @@ cmd_init() {<br> }<br><br> cmd_show() {<br>- local opts \
clip=0<br>- opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- \
"$@")"<br>+ local opts clip=0 no_color=0 full=0<br>+ \
opts="$($GETOPT -o cnf -l clip,no-color,full -n "$PROGRAM" -- \
"$@")"<br> local err=$?<br> eval set -- \
"$opts"<br> while true; do case $1 in<br> -c|--clip) \
clip=1; shift ;;<br>+ -n|--no-color) no_color=1; shift ;;<br>+ \
-f|--full) full=1; shift ;;<br> --) shift; break ;;<br> esac \
done<br><br>- [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND \
[--clip,-c] [pass-name]"<br>+ [[ $err -ne 0 ]] && die "Usage: \
$PROGRAM $COMMAND [--clip,-c] [--no-color,-n] [--full,-f] [pass-name]"<br><br> \
local path="$1"<br> local \
passfile="$PREFIX/$path.gpg"<br> check_sneaky_paths \
"$path"<br> if [[ -f $passfile ]]; then<br>- if [[ \
$clip -eq 0 ]]; then<br>- $GPG -d "${GPG_OPTS[@]}" \
"$passfile" || exit $?<br>+ local pass="$($GPG -d \
"${GPG_OPTS[@]}" "$passfile")"<br>+ if [[ $full \
-eq 0 ]]; then<br>+ local pass=$(echo "${pass}" | head \
-n 1 -)<br>+ fi<br>+ [[ -n $pass ]] || exit 1<br>+ \
if [[ $clip -eq 0 && $no_color -eq 0 ]]; then<br>+ echo \
"${pass}" | eval "${SHOW_PASS_OBFUS}"<br>+ elif [[ \
$clip -eq 0 ]]; then<br>+ echo "${pass}" | eval \
"${SHOW_PASS_CLEAR}"<br> else<br>- local \
pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n \
1)"<br>- [[ -n $pass ]] || exit 1<br> \
clip "$pass" "$path"<br> fi<br> elif [[ -d \
$PREFIX/$path ]]; then<br>--<br>2.6.2<br><br><br></div></div></div> \
</blockquote></div><br></div> </div></div></blockquote></div><br></div>
["0001-Added-show-obfuscation.patch" (text/x-patch)]
From 61945ac96fa9f721211cee221751c29126755b0a Mon Sep 17 00:00:00 2001
From: Andrew DeMaria <lostonamountain@gmail.com>
Date: Thu, 13 Aug 2015 16:00:12 -0600
Subject: [PATCH] Added show obfuscation
- Hides shown text using terminal color codes by default
- Adds --no-color/-n option to remove coloring
- By default display only the first line regardless of whether clip is specified
- Full output can be toggled with --full/-f
---
src/completion/pass.bash-completion | 2 +-
src/completion/pass.fish-completion | 2 ++
src/completion/pass.zsh-completion | 6 +++++-
src/password-store.sh | 28 ++++++++++++++++++++--------
4 files changed, 28 insertions(+), 10 deletions(-)
diff --git a/src/completion/pass.bash-completion \
b/src/completion/pass.bash-completion index efd4b70..bfd2492 100644
--- a/src/completion/pass.bash-completion
+++ b/src/completion/pass.bash-completion
@@ -80,7 +80,7 @@ _pass()
_pass_complete_entries
;;
show|-*)
- COMPREPLY+=($(compgen -W "-c --clip" -- ${cur}))
+ COMPREPLY+=($(compgen -W "-c --clip -n --no-color -f --full" -- ${cur}))
_pass_complete_entries 1
;;
insert)
diff --git a/src/completion/pass.fish-completion \
b/src/completion/pass.fish-completion index c32a42c..5913224 100644
--- a/src/completion/pass.fish-completion
+++ b/src/completion/pass.fish-completion
@@ -98,6 +98,8 @@ complete -c $PROG -f -A -n '__fish_pass_uses_command edit' -a \
"(__fish_pass_prin
complete -c $PROG -f -A -n '__fish_pass_needs_command' -a show -d 'Command: show \
existing password' complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s c \
-l clip -d 'Put password in clipboard' +complete -c $PROG -f -A -n \
'__fish_pass_uses_command show' -s n -l no-color -d 'Do not colorize text' +complete \
-c $PROG -f -A -n '__fish_pass_uses_command show' -s f -l full -d 'Output the full \
password' complete -c $PROG -f -A -n '__fish_pass_uses_command show' -a \
"(__fish_pass_print_entries)" # When no command is given, `show` is defaulted.
complete -c $PROG -f -A -n '__fish_pass_needs_command' -s c -l clip -d 'Put password \
in clipboard'
diff --git a/src/completion/pass.zsh-completion b/src/completion/pass.zsh-completion
index 9bb3f97..3b0259a 100644
--- a/src/completion/pass.zsh-completion
+++ b/src/completion/pass.zsh-completion
@@ -108,7 +108,11 @@ _pass () {
_pass_cmd_show () {
_arguments : \
"-c[put it on the clipboard]" \
- "--clip[put it on the clipboard]"
+ "--clip[put it on the clipboard]" \
+ "--full[Output the entire text]" \
+ "-f[Output the entire text]" \
+ "--no-color[Do not colorize output]" \
+ "-n[Do not colorize output]"
_pass_complete_entries
}
_pass_complete_entries_helper () {
diff --git a/src/password-store.sh b/src/password-store.sh
index d535a74..e4f33d6 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -16,6 +16,9 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
+SHOW_PASS_OBFUS='{ echo -en "$(tput setaf 1)$(tput setab 1)"; cat -; echo -en \
"$(tput sgr0)"; }' +SHOW_PASS_CLEAR='{ cat -; }'
+
export GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
@@ -223,9 +226,11 @@ cmd_usage() {
List passwords.
$PROGRAM find pass-names...
List passwords that match pass-names.
- $PROGRAM [show] [--clip,-c] pass-name
+ $PROGRAM [show] [--clip,-c] [--no-color,-n] [--full,-f] pass-name
Show existing password and optionally put it on the clipboard.
+ If no color is specified the password will be shown in non-colorized text.
If put on the clipboard, it will be cleared in $CLIP_TIME seconds.
+ If full is specified the entire contents will be used (copied or \
displayed), not just the first line $PROGRAM grep search-string
Search for password files containing search-string when decrypted.
$PROGRAM insert [--echo,-e | --multiline,-m] [--force,-f] pass-name
@@ -294,26 +299,33 @@ cmd_init() {
}
cmd_show() {
- local opts clip=0
- opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- "$@")"
+ local opts clip=0 no_color=0 full=0
+ opts="$($GETOPT -o cnf -l clip,no-color,full -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
-c|--clip) clip=1; shift ;;
+ -n|--no-color) no_color=1; shift ;;
+ -f|--full) full=1; shift ;;
--) shift; break ;;
esac done
- [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c] [pass-name]"
+ [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c] [--no-color,-n] \
[--full,-f] [pass-name]"
local path="$1"
local passfile="$PREFIX/$path.gpg"
check_sneaky_paths "$path"
if [[ -f $passfile ]]; then
- if [[ $clip -eq 0 ]]; then
- $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
+ local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile")"
+ if [[ $full -eq 0 ]]; then
+ local pass=$(echo "${pass}" | head -n 1 -)
+ fi
+ [[ -n $pass ]] || exit 1
+ if [[ $clip -eq 0 && $no_color -eq 0 ]]; then
+ echo "${pass}" | eval "${SHOW_PASS_OBFUS}"
+ elif [[ $clip -eq 0 ]]; then
+ echo "${pass}" | eval "${SHOW_PASS_CLEAR}"
else
- local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1)"
- [[ -n $pass ]] || exit 1
clip "$pass" "$path"
fi
elif [[ -d $PREFIX/$path ]]; then
--
2.6.2
_______________________________________________
Password-Store mailing list
Password-Store@lists.zx2c4.com
http://lists.zx2c4.com/mailman/listinfo/password-store
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic