summaryrefslogtreecommitdiff
path: root/src/password-store.sh
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2014-04-12 20:06:30 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2014-04-12 20:06:30 +0200
commit2eaca82585204ffd37f7f5d3e397b2ac56638b40 (patch)
tree82b7c2e1113e2c461685950ac9943aacdf429751 /src/password-store.sh
parentcca731a2954036425e35d6f1601a7debb71c1c49 (diff)
downloadpass-1.5.tar.gz
pass-1.5.tar.bz2
pass-1.5.zip
Use pipefail and randomize intermediate encrypted.1.5
Matthew writes: If the initial decrypt fails then the rest of the line shouldn't continue, as it won't be a properly decrypted password being re-encrypted and written over the existing passfile. One solution to this would be to enable pipefail (set -o pipefail) - either just before, or at the start of this script. This would cause the failure of any of the commands in a pipe to set the return status of the whole pipeline to non-zero (the last failed command's return code is used). We take his suggestion with this patch. While we're at it, we take a little bit extra care (though not too much extra care) to select a more random intermediate password, in case folks have a strange habit of using a dot-new extension on files. Suggested-by: Matthew Richardson <m.richardson@ed.ac.uk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/password-store.sh')
-rwxr-xr-xsrc/password-store.sh6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 0d03520..a7a5604 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -4,6 +4,7 @@
# This file is licensed under the GPLv2+. Please see COPYING for more information.
umask "${PASSWORD_STORE_UMASK:-077}"
+set -o pipefail
GPG_OPTS="--quiet --yes --compress-algo=none"
GPG="gpg"
@@ -209,12 +210,13 @@ case "$command" in
if [[ $reencrypt -eq 1 ]]; then
find "$PREFIX/$id_path" -iname '*.gpg' | while read -r passfile; do
+ fake_uniqueness_safety="$RANDOM"
passfile_dir=${passfile%/*}
passfile_dir=${passfile_dir#$PREFIX}
passfile_dir=${passfile_dir#/}
set_gpg_recipients "$passfile_dir"
- $GPG -d $GPG_OPTS "$passfile" | $GPG -e "${gpg_recipient_args[@]}" -o "$passfile.new" $GPG_OPTS &&
- mv -v "$passfile.new" "$passfile"
+ $GPG -d $GPG_OPTS "$passfile" | $GPG -e "${gpg_recipient_args[@]}" -o "$passfile.new.$fake_uniqueness_safety" $GPG_OPTS &&
+ mv -v "$passfile.new.$fake_uniqueness_safety" "$passfile"
done
git_add_file "$PREFIX/$id_path" "Reencrypted password store using new GPG id ${id_print}."
fi