[pass] [PATCH] Do not interpret backslashes when reading passwords

[Sung Pae]

Hello,

The patch follows inline, and is also available at:

https://github.com/guns/password-store/commit/fece73d3432b2698c710a98a6c16a15bcbd6bde6.patch

Thank you for the excellent software.

    guns

---
From fece73d3432b2698c710a98a6c16a15bcbd6bde6 Mon Sep 17 00:00:00 2001
From: guns <self at sungpae.com>
Date: Tue, 16 Oct 2012 17:28:15 -0500
Subject: [PATCH] Do not interpret backslashes when reading passwords

The `read` builtin accepts backslash notation for common non-printing
characters by default, like `\t` and `\n`. This requires that any
literal backslashes must also be escaped as `\\`.

Given that `gpg -e` does not interpret input, the `read` invocations are
changed to do the same.

Also, the right hand side of an `==` comparison within `[[ ]]` must be
quoted in order to suppress pattern metacharacter expansion. Quoting the
bash manual:

    When the == and != operators are used, the string to the right of
    the operator is considered a pattern and matched according to the
    rules described below under Pattern Matching.
---
 src/password-store.sh | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/password-store.sh b/src/password-store.sh
index eabbb50..8dea924 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -261,11 +261,11 @@ case "$command" in
 			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS
 		elif [[ $noecho -eq 1 ]]; then
 			while true; do
-				read -p "Enter password for $path: " -s password
+				read -r -p "Enter password for $path: " -s password
 				echo
-				read -p "Retype password for $path: " -s password_again
+				read -r -p "Retype password for $path: " -s password_again
 				echo
-				if [[ $password == $password_again ]]; then
+				if [[ $password == "$password_again" ]]; then
 					gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
 					break
 				else
@@ -273,7 +273,7 @@ case "$command" in
 				fi
 			done
 		else
-			read -p "Enter password for $path: " -e password
+			read -r -p "Enter password for $path: " -e password
 			gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password"
 		fi
 		git_add_file "$passfile" "Added given password for $path to store."
-- 
1.7.12.3

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20121016/9506d62c/attachment.asc>