[pass] [PATCH] Added show obfuscation

Kjetil Torgrim Homme kjetil.homme at redpill-linpro.com
Tue Dec 1 17:01:39 CET 2015 

On 11/28/2015 06:06 PM, Andrew DeMaria wrote:
> - Hides shown text using terminal color codes by default
> - Adds --no-color/-n option to remove coloring

hmm.  I prefer not changing the default behaviour.

> - By default display only the first line regardless of whether clip is
> specified

I don't like this change in behaviour either :-)

> - Full output can be toggled with --full/-f

but all of it is unreadable by default, even the non-secret stuff (which
is presumably in line 2 and below) ...  IMHO, this alone is a good
reason to avoid the negative option "no-color".  to avoid overlap with
"-c|--clip", I suggest "-r|--redact"

BTW, there have been many iterations of patches to implement "tail -n
+2" to only print the "non-secret" part of a file, perhaps you could
integrate some of those ideas as well.  e.g., Mike Hobbs in «to display
the remainder of a multi-line file with "show -c"», suggests to emit the
non-secret part when using xclip.  David Timothy Strauss had the same
idea in July, and Von Welch has advocated adding --tail to print this
part of the data.


> +SHOW_PASS_OBFUS='{ echo -en "$(tput setaf 1)$(tput setab 1)"; cat -; echo -en "$(tput sgr0)"; }'
> +SHOW_PASS_CLEAR='{ cat -; }'
...
> +> +        if [[ $clip -eq 0 && $no_color -eq 0 ]]; then
> +            echo "${pass}" | eval "${SHOW_PASS_OBFUS}"

I really don't like eval, and it doesn't make the code easier to read or
validate.  how about using a function like this?

echo_pass() {
  local pass="$1"
  if [[ $no_color -eq 0 ]]; then
     echo -e "$(tput setaf 1)$(tput setab 1)${pass}$(tput sgr0)"
  else
     echo "$pass"
  fi
}

if [[ $clip -eq 0 ]]; then
  echo_pass "$pass"
else
  ...
fi


> +        elif [[ $clip -eq 0 ]]; then
> +            echo "${pass}" | eval "${SHOW_PASS_CLEAR}"
>          else
> -            local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n 1)"
> -            [[ -n $pass ]] || exit 1
>              clip "$pass" "$path"
>          fi
>      elif [[ -d $PREFIX/$path ]]; then
> --
> 2.6.2


-- 
Kjetil T. Homme
Redpill Linpro - Changing the game

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20151201/935613b5/attachment.asc>

More information about the Password-Store mailing list