[pass] [PATCH] Added show obfuscation

Andrew DeMaria ademariad at gmail.com
Sat Nov 28 18:16:30 CET 2015


I had wrote this a couple weeks ago, but just now noticed another patch
submitted to the list. To highlight the couple of differences, this patch
also makes "show" only display one line by default. The reason I did this
was that it allowed for control of how many lines were displayed regardless
of whether clip is used or not. It also makes it clear when using the
colored output what to actually copy for the password.

In addition, this uses the tput to actually output the control sequences.

On Sat, Nov 28, 2015 at 10:06 AM, Andrew DeMaria <ademariad at gmail.com>
wrote:

> - Hides shown text using terminal color codes by default
> - Adds --no-color/-n option to remove coloring
> - By default display only the first line regardless of whether clip is
> specified
> - Full output can be toggled with --full/-f
> ---
>  src/completion/pass.bash-completion |  2 +-
>  src/completion/pass.fish-completion |  2 ++
>  src/completion/pass.zsh-completion  |  6 +++++-
>  src/password-store.sh               | 28 ++++++++++++++++++++--------
>  4 files changed, 28 insertions(+), 10 deletions(-)
>
> diff --git a/src/completion/pass.bash-completion
> b/src/completion/pass.bash-completion
> index efd4b70..bfd2492 100644
> --- a/src/completion/pass.bash-completion
> +++ b/src/completion/pass.bash-completion
> @@ -80,7 +80,7 @@ _pass()
>                  _pass_complete_entries
>                  ;;
>              show|-*)
> -                COMPREPLY+=($(compgen -W "-c --clip" -- ${cur}))
> +                COMPREPLY+=($(compgen -W "-c --clip -n --no-color -f
> --full" -- ${cur}))
>                  _pass_complete_entries 1
>                  ;;
>              insert)
> diff --git a/src/completion/pass.fish-completion
> b/src/completion/pass.fish-completion
> index c32a42c..5913224 100644
> --- a/src/completion/pass.fish-completion
> +++ b/src/completion/pass.fish-completion
> @@ -98,6 +98,8 @@ complete -c $PROG -f -A -n '__fish_pass_uses_command
> edit' -a "(__fish_pass_prin
>
>  complete -c $PROG -f -A -n '__fish_pass_needs_command' -a show -d
> 'Command: show existing password'
>  complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s c -l clip
> -d 'Put password in clipboard'
> +complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s n -l
> no-color -d 'Do not colorize text'
> +complete -c $PROG -f -A -n '__fish_pass_uses_command show' -s f -l full
> -d 'Output the full password'
>  complete -c $PROG -f -A -n '__fish_pass_uses_command show' -a
> "(__fish_pass_print_entries)"
>  # When no command is given, `show` is defaulted.
>  complete -c $PROG -f -A -n '__fish_pass_needs_command' -s c -l clip -d
> 'Put password in clipboard'
> diff --git a/src/completion/pass.zsh-completion
> b/src/completion/pass.zsh-completion
> index 9bb3f97..3b0259a 100644
> --- a/src/completion/pass.zsh-completion
> +++ b/src/completion/pass.zsh-completion
> @@ -108,7 +108,11 @@ _pass () {
>  _pass_cmd_show () {
>      _arguments : \
>          "-c[put it on the clipboard]" \
> -        "--clip[put it on the clipboard]"
> +        "--clip[put it on the clipboard]" \
> +        "--full[Output the entire text]" \
> +        "-f[Output the entire text]" \
> +        "--no-color[Do not colorize output]" \
> +        "-n[Do not colorize output]"
>      _pass_complete_entries
>  }
>  _pass_complete_entries_helper () {
> diff --git a/src/password-store.sh b/src/password-store.sh
> index d535a74..e4f33d6 100755
> --- a/src/password-store.sh
> +++ b/src/password-store.sh
> @@ -16,6 +16,9 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
>  X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
>  CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
>
> +SHOW_PASS_OBFUS='{ echo -en "$(tput setaf 1)$(tput setab 1)"; cat -; echo
> -en "$(tput sgr0)"; }'
> +SHOW_PASS_CLEAR='{ cat -; }'
> +
>  export GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
>  export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
>
> @@ -223,9 +226,11 @@ cmd_usage() {
>              List passwords.
>          $PROGRAM find pass-names...
>              List passwords that match pass-names.
> -        $PROGRAM [show] [--clip,-c] pass-name
> +        $PROGRAM [show] [--clip,-c] [--no-color,-n] [--full,-f] pass-name
>              Show existing password and optionally put it on the clipboard.
> +            If no color is specified the password will be shown in
> non-colorized text.
>              If put on the clipboard, it will be cleared in $CLIP_TIME
> seconds.
> +            If full is specified the entire contents will be used (copied
> or displayed), not just the first line
>          $PROGRAM grep search-string
>              Search for password files containing search-string when
> decrypted.
>          $PROGRAM insert [--echo,-e | --multiline,-m] [--force,-f]
> pass-name
> @@ -294,26 +299,33 @@ cmd_init() {
>  }
>
>  cmd_show() {
> -    local opts clip=0
> -    opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- "$@")"
> +    local opts clip=0 no_color=0 full=0
> +    opts="$($GETOPT -o cnf -l clip,no-color,full -n "$PROGRAM" -- "$@")"
>      local err=$?
>      eval set -- "$opts"
>      while true; do case $1 in
>          -c|--clip) clip=1; shift ;;
> +        -n|--no-color) no_color=1; shift ;;
> +        -f|--full) full=1; shift ;;
>          --) shift; break ;;
>      esac done
>
> -    [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c]
> [pass-name]"
> +    [[ $err -ne 0 ]] && die "Usage: $PROGRAM $COMMAND [--clip,-c]
> [--no-color,-n] [--full,-f] [pass-name]"
>
>      local path="$1"
>      local passfile="$PREFIX/$path.gpg"
>      check_sneaky_paths "$path"
>      if [[ -f $passfile ]]; then
> -        if [[ $clip -eq 0 ]]; then
> -            $GPG -d "${GPG_OPTS[@]}" "$passfile" || exit $?
> +        local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile")"
> +        if [[ $full -eq 0 ]]; then
> +            local pass=$(echo "${pass}" | head -n 1 -)
> +        fi
> +        [[ -n $pass ]] || exit 1
> +        if [[ $clip -eq 0 && $no_color -eq 0 ]]; then
> +            echo "${pass}" | eval "${SHOW_PASS_OBFUS}"
> +        elif [[ $clip -eq 0 ]]; then
> +            echo "${pass}" | eval "${SHOW_PASS_CLEAR}"
>          else
> -            local pass="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | head -n
> 1)"
> -            [[ -n $pass ]] || exit 1
>              clip "$pass" "$path"
>          fi
>      elif [[ -d $PREFIX/$path ]]; then
> --
> 2.6.2
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/password-store/attachments/20151128/de9327bf/attachment-0001.html>


More information about the Password-Store mailing list