[PATCH] Add --edit option to generate subcommand
Mildred Ki'Lya
mildred-ml at mildred.fr
Thu May 16 17:02:59 CEST 2019
When creating passwords, it's often very useful to add contextual
information about it at creation time, such as the e-mail address used
or the login name. With the --edit flag, it's possible to modify the
password file before it is encrypted.
---
src/completion/pass.bash-completion | 2 +-
src/completion/pass.fish-completion | 1 +
src/completion/pass.zsh-completion | 4 +++-
src/password-store.sh | 26 +++++++++++++++++++++-----
4 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/src/completion/pass.bash-completion
b/src/completion/pass.bash-completion
index 95d3e1e..27fed85 100644
--- a/src/completion/pass.bash-completion
+++ b/src/completion/pass.bash-completion
@@ -109,7 +109,7 @@ _pass()
_pass_complete_entries
;;
generate)
- COMPREPLY+=($(compgen -W "-n --no-symbols -c --clip -f --force -i
--in-place" -- ${cur}))
+ COMPREPLY+=($(compgen -W "-n --no-symbols -c --clip -f --force -i
--in-place -e --edit" -- ${cur}))
_pass_complete_entries
;;
cp|copy|mv|rename)
diff --git a/src/completion/pass.fish-completion
b/src/completion/pass.fish-completion
index 8637874..1f80ed2 100644
--- a/src/completion/pass.fish-completion
+++ b/src/completion/pass.fish-completion
@@ -77,6 +77,7 @@ complete -c $PROG -f -A -n '__fish_pass_uses_command
generate' -s n -l no-symbol
complete -c $PROG -f -A -n '__fish_pass_uses_command generate' -s c -l
clip -d 'Put the password in clipboard'
complete -c $PROG -f -A -n '__fish_pass_uses_command generate' -s f -l
force -d 'Do not prompt before overwritting'
complete -c $PROG -f -A -n '__fish_pass_uses_command generate' -s i -l
in-place -d 'Replace only the first line with the generated password'
+complete -c $PROG -f -A -n '__fish_pass_uses_command generate' -s e -l
edit -d 'Edit file after generation'
complete -c $PROG -f -A -n '__fish_pass_uses_command generate' -a
"(__fish_pass_print_entry_dirs)"
complete -c $PROG -f -A -n '__fish_pass_needs_command' -a mv -d
'Command: rename existing password'
diff --git a/src/completion/pass.zsh-completion
b/src/completion/pass.zsh-completion
index 27ce15a..9801e81 100644
--- a/src/completion/pass.zsh-completion
+++ b/src/completion/pass.zsh-completion
@@ -55,7 +55,9 @@ _pass () {
"-f[force overwrite]" \
"--force[force overwrite]" \
"-i[replace first line]" \
- "--in-place[replace first line]"
+ "--in-place[replace first line]" \
+ "-e[edit file after generation]" \
+ "--edit[edit file after generation]"
_pass_complete_entries_with_subdirs
;;
cp|copy|mv|rename)
diff --git a/src/password-store.sh b/src/password-store.sh
index 284eabf..e95b091 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -292,7 +292,7 @@ cmd_usage() {
overwriting existing password unless forced.
$PROGRAM edit pass-name
Insert a new password or edit an existing password using ${EDITOR:-vi}.
- $PROGRAM generate [--no-symbols,-n] [--clip,-c] [--in-place,-i |
--force,-f] pass-name [pass-length]
+ $PROGRAM generate [--no-symbols,-n] [--clip,-c] [--in-place,-i |
--force,-f] [--edit,-e] pass-name [pass-length]
Generate a new password of pass-length (or $GENERATED_LENGTH if
unspecified) with optionally no symbols.
Optionally put it on the clipboard and clear board after $CLIP_TIME seconds.
Prompt before overwriting existing password unless forced.
@@ -507,8 +507,8 @@ cmd_edit() {
}
cmd_generate() {
- local opts qrcode=0 clip=0 force=0 characters="$CHARACTER_SET"
inplace=0 pass
- opts="$($GETOPT -o nqcif -l no-symbols,qrcode,clip,in-place,force -n
"$PROGRAM" -- "$@")"
+ local opts qrcode=0 clip=0 force=0 characters="$CHARACTER_SET"
inplace=0 edit=0 pass
+ opts="$($GETOPT -o nqcife -l
no-symbols,qrcode,clip,in-place,force,edit -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -517,6 +517,7 @@ cmd_generate() {
-c|--clip) clip=1; shift ;;
-f|--force) force=1; shift ;;
-i|--in-place) inplace=1; shift ;;
+ -e|--edit) edit=1; shift ;;
--) shift; break ;;
esac done
@@ -533,13 +534,28 @@ cmd_generate() {
[[ $inplace -eq 0 && $force -eq 0 && -e $passfile ]] && yesno "An entry
already exists for $path. Overwrite it?"
+ tmpdir #Defines $SECURE_TMPDIR
+ local tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXXX")-${path//\//-}.txt"
+
read -r -n $length pass < <(LC_ALL=C tr -dc "$characters" < /dev/urandom)
[[ ${#pass} -eq $length ]] || die "Could not generate password from
/dev/urandom."
if [[ $inplace -eq 0 ]]; then
- echo "$pass" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile"
"${GPG_OPTS[@]}" || die "Password encryption aborted."
+ echo "$pass" >"$tmp_file"
+ else
+ { echo "$pass"; $GPG -d "${GPG_OPTS[@]}" "$passfile" | tail -n +2; }
>"$tmp_file"
+ fi
+
+ if [[ $edit -ne 0 ]]; then
+ ${EDITOR:-vi} "$tmp_file"
+ [[ -f $tmp_file ]] || die "New password not saved."
+ pass="$(head -n 1 "$tmp_file")"
+ fi
+
+ if [[ $inplace -eq 0 ]]; then
+ $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}"
"$tmp_file" || die "Password encryption aborted."
else
local
passfile_temp="${passfile}.tmp.${RANDOM}.${RANDOM}.${RANDOM}.${RANDOM}.--"
- if { echo "$pass"; $GPG -d "${GPG_OPTS[@]}" "$passfile" | tail -n +2;
} | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile_temp"
"${GPG_OPTS[@]}"; then
+ if $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile_temp"
"${GPG_OPTS[@]}" "$tmp_file"; then
mv "$passfile_temp" "$passfile"
else
rm -f "$passfile_temp"
More information about the Password-Store
mailing list