summaryrefslogtreecommitdiff
path: root/.gitignore (unfollow)
Commit message (Collapse)AuthorFilesLines
2019-07-17Account for missing [:graph:] on Busybox by using [:alnum:][:punct:]Daniel Janus1-1/+1
Some implementations of tr (notably the ones in Busybox and Toybox) do not support the [:graph:] character class, but they do support [:punct:] and [:alnum:]. This makes pass generate sane passwords in such environments. Discussed-on: https://lists.zx2c4.com/pipermail/password-store/2019-July/003702.html
2019-06-16Exclude invalid, disabled and revoked subkeys from subkey selectionAaron Jones1-1/+1
When rotating encryption subkeys, and revoking the old one, `pass init keyid` would re-encrypt your stored credentials to the (now revoked) old subkey(s) in addition to the new one too. It would also mistakenly encrypt to keys that have been disabled, and keys that were never validly signed by their master (certify) key. Fix all of these cases. It was decided NOT to also exclude expired subkeys. Signed-off-by: Aaron Jones <aaronmdjones@gmail.com>
2019-06-10emacs: Delete duplicate entries from password-store-listTino Calancha1-4/+5
Emacs backup files add a duplicate entry, that is, if you have the two files, foo.bar and foo.bar~, then you'd get two entries for `foo'. * password-store.el (password-store-list): Delete duplicate entries. Bump version to 2.0.2. Update Copyright notice.
2019-04-25emacs: Drop nil command argumentsSvend Sorensen1-3/+3
Drop nil arguments in `password-store--run` and `password-store--run-1`. This fixes an error running `password-store-generate`.
2019-04-05emacs: Release version 2.0.0 of Emacs packageSvend Sorensen1-1/+1
2019-04-05emacs: Supprt asynchronous pass operations which return output.Ian Eure1-30/+53
When using EXWM, if `password-store-get` is called and a pinentry program needs to be executed, Emacs deadlocks. This happens becuase Emacs blocks waiting for output from `gpg(1)`, which is blocked waiting for output from the pinentry-program, which is blocked waiting for Emacs to manage its window. This updates `password-store-copy` to work asynchronously. This should be fine, since its primary purpose is side-effecting, and it doesn’t matter when its evaluation completes. The ability to call `password-store-get` asynchronously with a callback has also been added to support this usecase. A new function has been added for general cases of async `pass` commands where the output is needed, `password-store--run-1`. While there is an existing `password-store--run-async`, it discards output -- it’s only used for `pass edit`, where it’s not needed. The body of `password-store--run` has been replacing it with one that uses `--run-1` and a wait loop which blocks until it’s complete. Supporting all this necessitated moving the file to lexical binding and dropping Emacs 24 support. The latter requirement could be worked around if there are concerns around it. **SECURITY INTERLUDE** I was unbelievably distressed to discover that the implementation of `password-store--run` redirects the decrypted file contents to disk, reads that into a buffer, then removes the file. This approach is preposterous and may warrant a CVE, as it exposes users to numerous conditions where their cleartext passwords could be recovered: - If the user hits C-g, the Emacs function may not get to the point of removing the file, leaving the password on disk. - It’s not a safe assumption that `make-temp-file` is secure, and even if it were, the time windows in play are likely to be very large, opening race conditions where the file contents can be read by an attacker before the file is removed. - Even if the file is removed, it could be recovered by examining the contents of deleted inodes. Information this sensitive should NEVER be persisted in cleartext in non-volatile storage. You may as well write it on a post-it and stick it on your monitor. re NicolasPetton/pass#25
2019-02-27clip: Add support for wl-clipboardBrett Cornwall3-6/+29
2018-10-31emacs: Fix typo in password-store-url function doc stringSvend Sorensen2-3/+7
"http://" was repeated, fix the second instance to read "https://".
2018-10-19bash-completion: detect whether to use gpg/gpg2 binary for complete keysElan Ruusamäe1-1/+4
Signed-off-by: Elan Ruusamäe <glen@pld-linux.org>
2018-10-19bash_completion: do not leak variables to globals scopeElan Ruusamäe1-6/+6
Signed-off-by: Elan Ruusamäe <glen@pld-linux.org>
2018-08-09Do not reencrypt symbolic linksAldis Berjoza2-0/+10
2018-08-03version: bump1.7.3Jason A. Donenfeld1-1/+1
2018-08-01show: do not store binary data in bash varsJason A. Donenfeld5-15/+18
Instead we're forced to base64 it, like we do with the clipboard.
2018-07-26Add custom bash completion for extensionsLars Flitter1-1/+12
Bash completion now allows usage of extension commands. (see pass.bash-completion for details)
2018-07-26Do not set foreground color for generated passwordLukas Fleischer1-1/+1
Since commit 63ef32a (generate: use nice ansi colors instead., 2014-05-08), generated passwords are highlighted to make them distinguishable from the Git output. However, setting the foreground color to white makes the password hardly readable when a "black on white" color scheme is used. Drop the hardcoded foreground color and use the bold attribute only instead. Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
2018-06-25Do not put passwords in herestringsJason A. Donenfeld1-3/+3
Bash sometimes writes these into temporary files, which isn't okay.
2018-06-24Simplify filename matching in redact_pass.vimTom Ryder2-40/+11
Use the autocmd pattern to match the password filename rather than doing it manually within the called function.
2018-06-14version: bump1.7.2Jason A. Donenfeld1-1/+1
2018-06-14show: buffer output before displaying, in case decryption failsJason A. Donenfeld1-2/+4
For the line-choosing case, this is actually a big deal since we weren't passing the error code back to the user either.
2018-06-14Close stdout for background task that restores clipboardAllan Odgaard3-3/+3
While we do not expect any output on stdout from the background task, keeping the file handle open means that anyone calling `pass` and waiting for stdout to be closed, will have to wait (by default) for 45 seconds.
2018-06-14Don't trap INT or TERM; they are redundant and can break `pass edit`.Nick Kousu1-2/+2
Some EDITORs, notably Linux vi(1), which is the fallback default in pass, apparently send INT when they exit, and when pass is run under bash (which is also its default)--if you have /dev/shm/ available--bash catches this and cleans up your edited password file *before* it can be reencrypted and saved. This only happens with `pass edit`; none of the other commands combine tmpdir and $EDITOR.
2018-06-14tests: fix compatibility with GnuPG 2.2.5Clément Lassieur1-1/+1
2018-06-14Add tests and documentation of passing options to grep(1)Norbert Buchmueller3-5/+18
2018-06-14Ensure signature regexes are anchoredJason A. Donenfeld1-4/+4
Fixes CVE-2018-12356. Reported-by: Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
2018-06-10Replace noplaintext.vim as redact_pass.vim pluginTom Ryder3-46/+121
Per debugging from Enno Nagel <enno.nagel+vim@gmail.com>, it's become apparent to me that to have any degree of confidence that none of these options have actually got any plaintext password data in them, we need to disable the options globally when a password file is edited. In particular, in the case of the 'viminfo' global option, it's not possible to disable it per path, and not terribly meaningful either; things like the last seach pattern or the contents of registers, i.e. global state of the editor, are recorded. There's no sensible approach I can see except to actually switch the feature off entirely by blanking it. I've therefore completely rewritten this, to make as thorough a check as possible that the Vim user is editing a pass(1) file by calling `pass edit`, and then to disable the "leaky" options globally, with an explicit warning so that the user can see it's been done. This plugin is also available as Vim script #5707: <https://www.vim.org/scripts/script.php?script_id=5707> Its homepage is here: <https://sanctum.geek.nz/cgit/vim-redact-pass.git/about/>
2018-05-24grep: allow grep options and argumentsSitaram Chamarty1-3/+3
Allow grep options and arguments. Typical uses may be, for instance, wanting to ignore case ('-i'), print a few lines of context around the matched line, multiple patterns with '-e', etc. (background: grep is deprecating GREP_OPTIONS, so eventually that will stop working).
2018-02-19fish: reduce completion runtimesMathis Antony1-14/+13
Fish completion spends most of the time in calls to `sed` in for loops over entries and directories. This patch removes the repeated calls to `sed`. Signed-off-by: Mathis Antony <sveitser@gmail.com>
2018-02-08generate: disallow zero length generated passwordsJason A. Donenfeld1-1/+2
2018-02-01generate: in-place should work when file is emptyJason A. Donenfeld1-1/+1
2017-12-18Quote array specifierJason A. Donenfeld1-1/+1
Otherwise this expands to a filename if one exists. Suggested-by: izaberina@gmail.com
2017-10-13protect dirname calls from pass-names that look like command-line optionsStacey Sheldon1-6/+6
With the $path variable being passed directly to dirname, any pass-names provided by the user that happened to look like options to dirname would be processed as options rather than as the path to be split. This results in a real mess when you happen to run one of: pass edit --help pass generate --help pass insert --help then in the cmd_foo() function, you have: mkdir -p -v "$PREFIX/$(dirname --help)" which (due to the -p option to mkdir) results in the creation of an entire directory hierarchy made up of the slash-separated help text from dirname.
2017-09-15passmenu: Don't eat whitespace at beginning/end of passwordDaniel Lublin1-1/+1
If IFS (Input Field Separator) is not emptied, read will actually strip spaces and tabs at the beginning/end end of the "line".
2017-08-29emacs: Release version 1.0.1 of Emacs packageSvend Sorensen2-5/+10
2017-08-29emacs: --run-async: Quote shell argumentsDamien Cassou1-4/+5
This is important for filenames with special characters such as spaces and parenthesis.
2017-08-29emacs: Update author's email addressSvend Sorensen1-2/+2
2017-08-29emacs: Fix package-lint violationsSvend Sorensen1-2/+3
2017-07-26emacs: Release version 1.0.0 of Emacs packageSvend Sorensen2-1/+8
2017-07-26emacs: Use with-editor to wrap "pass edit"Svend Sorensen2-9/+17
Instead of editing the password file directly using Emacs, "pass edit" is run. This allows password-store's git change tracking to work. This adds a dependency on the with-editor Emacs package.
2017-04-13Bump version1.7.1Jason A. Donenfeld1-1/+1
2017-04-13init: match only the public keyJason A. Donenfeld1-1/+1
2017-03-28Use $GPG variableJason A. Donenfeld1-3/+3
2017-03-20Fix compatibility with GnuPG 2.2.19Andreas Stieger2-2/+2
GnuPG 2.2.19 added a warning when no command was given. * src/password-store.sh (reencrypt_path): Add --decrypt to --list-only * tests/t0300-reencryption.sh (gpg_keys_from_encrypted_file): same https://bugs.gnupg.org/gnupg/msg9873 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=810adfd47801fc01e45fb71af9f05c91f7890cdb https://bugzilla.suse.com/show_bug.cgi?id=1028867
2017-03-01tests: fix on OSX by not using the tr hackJason A. Donenfeld3-5/+2
2017-02-26Bump version1.7Jason A. Donenfeld1-1/+1
2017-02-26Modernize makefileJason A. Donenfeld2-31/+36
2017-02-25CopyrightJason A. Donenfeld1-1/+1
2017-02-25StyleJason A. Donenfeld1-2/+2
2017-02-25git: use inner-most directoryJason A. Donenfeld2-27/+48
2017-02-25clip: sleep may require argv[0] to be sleepJason A. Donenfeld1-1/+1
2017-02-25man: document system extensionsJason A. Donenfeld1-2/+3