summaryrefslogtreecommitdiff
path: root/contrib (follow)
Commit message (Collapse)AuthorAgeFilesLines
* emacs: Delete duplicate entries from password-store-listTino Calancha2019-06-101-4/+5
| | | | | | | | Emacs backup files add a duplicate entry, that is, if you have the two files, foo.bar and foo.bar~, then you'd get two entries for `foo'. * password-store.el (password-store-list): Delete duplicate entries. Bump version to 2.0.2. Update Copyright notice.
* emacs: Drop nil command argumentsSvend Sorensen2019-04-251-3/+3
| | | | | Drop nil arguments in `password-store--run` and `password-store--run-1`. This fixes an error running `password-store-generate`.
* emacs: Release version 2.0.0 of Emacs packageSvend Sorensen2019-04-051-1/+1
|
* emacs: Supprt asynchronous pass operations which return output.Ian Eure2019-04-051-30/+53
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using EXWM, if `password-store-get` is called and a pinentry program needs to be executed, Emacs deadlocks. This happens becuase Emacs blocks waiting for output from `gpg(1)`, which is blocked waiting for output from the pinentry-program, which is blocked waiting for Emacs to manage its window. This updates `password-store-copy` to work asynchronously. This should be fine, since its primary purpose is side-effecting, and it doesn’t matter when its evaluation completes. The ability to call `password-store-get` asynchronously with a callback has also been added to support this usecase. A new function has been added for general cases of async `pass` commands where the output is needed, `password-store--run-1`. While there is an existing `password-store--run-async`, it discards output -- it’s only used for `pass edit`, where it’s not needed. The body of `password-store--run` has been replacing it with one that uses `--run-1` and a wait loop which blocks until it’s complete. Supporting all this necessitated moving the file to lexical binding and dropping Emacs 24 support. The latter requirement could be worked around if there are concerns around it. **SECURITY INTERLUDE** I was unbelievably distressed to discover that the implementation of `password-store--run` redirects the decrypted file contents to disk, reads that into a buffer, then removes the file. This approach is preposterous and may warrant a CVE, as it exposes users to numerous conditions where their cleartext passwords could be recovered: - If the user hits C-g, the Emacs function may not get to the point of removing the file, leaving the password on disk. - It’s not a safe assumption that `make-temp-file` is secure, and even if it were, the time windows in play are likely to be very large, opening race conditions where the file contents can be read by an attacker before the file is removed. - Even if the file is removed, it could be recovered by examining the contents of deleted inodes. Information this sensitive should NEVER be persisted in cleartext in non-volatile storage. You may as well write it on a post-it and stick it on your monitor. re NicolasPetton/pass#25
* emacs: Fix typo in password-store-url function doc stringSvend Sorensen2018-10-312-3/+7
| | | | "http://" was repeated, fix the second instance to read "https://".
* Simplify filename matching in redact_pass.vimTom Ryder2018-06-242-40/+11
| | | | | Use the autocmd pattern to match the password filename rather than doing it manually within the called function.
* Replace noplaintext.vim as redact_pass.vim pluginTom Ryder2018-06-103-46/+121
| | | | | | | | | | | | | | | | | | | | | | | | | | | Per debugging from Enno Nagel <enno.nagel+vim@gmail.com>, it's become apparent to me that to have any degree of confidence that none of these options have actually got any plaintext password data in them, we need to disable the options globally when a password file is edited. In particular, in the case of the 'viminfo' global option, it's not possible to disable it per path, and not terribly meaningful either; things like the last seach pattern or the contents of registers, i.e. global state of the editor, are recorded. There's no sensible approach I can see except to actually switch the feature off entirely by blanking it. I've therefore completely rewritten this, to make as thorough a check as possible that the Vim user is editing a pass(1) file by calling `pass edit`, and then to disable the "leaky" options globally, with an explicit warning so that the user can see it's been done. This plugin is also available as Vim script #5707: <https://www.vim.org/scripts/script.php?script_id=5707> Its homepage is here: <https://sanctum.geek.nz/cgit/vim-redact-pass.git/about/>
* passmenu: Don't eat whitespace at beginning/end of passwordDaniel Lublin2017-09-151-1/+1
| | | | | If IFS (Input Field Separator) is not emptied, read will actually strip spaces and tabs at the beginning/end end of the "line".
* emacs: Release version 1.0.1 of Emacs packageSvend Sorensen2017-08-292-5/+10
|
* emacs: --run-async: Quote shell argumentsDamien Cassou2017-08-291-4/+5
| | | | | This is important for filenames with special characters such as spaces and parenthesis.
* emacs: Update author's email addressSvend Sorensen2017-08-291-2/+2
|
* emacs: Fix package-lint violationsSvend Sorensen2017-08-291-2/+3
|
* emacs: Release version 1.0.0 of Emacs packageSvend Sorensen2017-07-262-1/+8
|
* emacs: Use with-editor to wrap "pass edit"Svend Sorensen2017-07-262-9/+17
| | | | | | | Instead of editing the password file directly using Emacs, "pass edit" is run. This allows password-store's git change tracking to work. This adds a dependency on the with-editor Emacs package.
* pwsafe2pass: add importerSam Mason2017-02-251-0/+40
|
* keepassx2pass: port to python3Fabio Zanini2017-02-251-7/+8
|
* keepasss2csv2pass: improve and make more flexibleNathan Sommer2017-02-251-52/+176
| | | | | | | | | | | | | | | - Code is now PEP 8 compliant - Uses argparse module for command line arguments - Prints what it will do and prompts for confirmation before proceeding - Does not put URL and notes fields in the entry unless they are present in the CSV file - Adds a "user" field in the entry - There are now command line arguments for the following: - Exclude specific groups from being imported - Convert groups and names to lowercase - Use the name of the KeePass entry rather than the username as the pass entry name
* 1password2pass: modernizationAlex Dunn2016-12-211-15/+23
|
* dmenu: read likes -rJason A. Donenfeld2016-02-071-1/+1
|
* Moved to webpageJason A. Donenfeld2016-02-061-7/+0
|
* keepass2csv2passDavid Francoeur2016-02-061-0/+62
| | | | The CSV is generated by KeePassX 2.0 on Mac OSX
* passmenu: group commandsJason A. Donenfeld2016-02-061-1/+1
|
* passmenu: Use faster built-inJason A. Donenfeld2016-02-051-1/+1
|
* Add importer for Password Exporter for FirefoxDaniele Pizzolli2016-02-051-0/+181
| | | | | | | | | | | To assist the migration from the default Firefox password store to passff. Add also some basic tests. More info at: - <https://addons.mozilla.org/en-US/firefox/addon/password-exporter> - <https://addons.mozilla.org/en-US/firefox/addon/passff>
* passmenu: don't use awkJason A. Donenfeld2016-02-051-2/+1
| | | | | | | | Prof. Aho always seemed neat, but parsing a script inside a script for the simple purpose of removing the trailing new line seems a bit absurd. So, instead use two processes! One for getting the first line and one for removing the trailing line. Everybody loves more calls to fork(), right?
* keepass2pass.py: Don't import all entries twiceMartin Günther2016-02-051-7/+4
| | | | | | | | | Without this patch, all entries are processed twice: once in the first call to import_group (which recursively processes all entries), then in the following import_group on all subgroups. This leads to spurious warnings ("Duplicate needs merging") and extra text added to each entry.
* emacs: Add defvar for timeout timerPeter Vasil2015-10-271-1/+8
| | | | | Use a defvar for the timeout timer in order to have better control and not starting multiple timers when calling password-store-copy.
* lastpass2pass.rb: Check for nil names/groupingsBrian Tomlinson2015-10-201-3/+3
| | | | | In particular, people were encountering exceptions when `empty?` was called on a `nil` grouping.
* emacs: Guard against "%" in message stringSvend Sorensen2015-09-301-5/+5
| | | | | | | | | | | The output of pass may contain "%", which will cause `message` to throw the error: "Not enough arguments for format string". For example, `pass rename foo bar` outputs: [master c33f7a9] Rename foo to bar. 1 file changed, 0 insertions(+), 0 deletions(-) rename foo.gpg => bar.gpg (100%)
* passmenu: Space to tabsChris Down2015-07-241-2/+2
| | | | It seems this file doesn't use spaces any more.
* passmenu: Only pass first line to xdotoolChris Down2015-07-241-1/+3
| | | | | In 87ec1489fa98, I forgot that some people like to store more than one line in their password files. We should only pass the first line to xdotool.
* passmenu: Read from stdin when using xdotool to type passwordChris Down2015-07-241-1/+1
| | | | | | | This works around a bug in xdotool parsing when encountering quotes, see https://github.com/jordansissel/xdotool/issues/72. Thanks to Gerd Wachsmuth for the report.
* emacs: Make `password-store-password-length' customizableNicolas Petton2015-05-261-3/+10
|
* lastpass importer: more types supported and better checkingRaphaël Droz2015-05-111-3/+7
|
* contrib: add applescript supportSteffen Vogel2015-05-111-0/+92
|
* Add roboform import script.Jason A. Donenfeld2015-05-111-0/+162
|
* Correct permissionsJason A. Donenfeld2015-05-111-0/+0
|
* emacs: Remove dash from Package-RequiresSvend Sorensen2015-03-231-1/+1
|
* emacs: Remove dependency on dashSvend Sorensen2015-03-231-2/+1
| | | | Use delq instead of -reject from the dash package.
* emacs: Use spaces for indentationSvend Sorensen2015-03-221-19/+19
|
* emacs: Separate stdout and stderrSvend Sorensen2015-03-161-5/+10
| | | | | This fixes a problem where gnupg-agent messages would get mixed with the password content.
* Add tejr's scriptJason A. Donenfeld2015-01-151-0/+46
|
* emacs: Quote shell argumentsSvend Sorensen2015-01-081-1/+4
| | | | | Quote shell arguments for insert so that it handles passwords and entry names that contain special characters.
* keepassx2pass: Handle unicodeThibaut Horel2014-09-211-1/+1
|
* revelation2pass: fix import from entries without passwordsDaniel Poelzleithner2014-07-161-1/+4
|
* passmenu: type text with xdotoolJason A. Donenfeld2014-06-292-3/+17
| | | | Suggested-by: Christoph Egger <christoph@christoph-egger.org>
* keepassx2pass: Substitute empty string for NoneAndrew Spiers2014-06-291-1/+4
| | | | | | | | | | | | | | | | | | | | | | If keepassx2pass.py is given an xml file containing passwords with an empty title, like <title></title>, ElementTree.text returns None. This commit substitutes an empty string; which will produce a password with name '_', instead of raising AtttributeError, as shown in this exception:: Traceback (most recent call last): File "contrib/importers/keepassx2pass.py", line 80, in <module> main(sys.argv[1]) File "contrib/importers/keepassx2pass.py", line 77, in main import_group(group) File "contrib/importers/keepassx2pass.py", line 71, in import_group import_entry(entry, npath) File "contrib/importers/keepassx2pass.py", line 58, in import_entry print "Importing " + path_for(element, path) File "contrib/importers/keepassx2pass.py", line 37, in path_for title = cleanTitle(space_to_camelcase(element.find('title').text)) File "contrib/importers/keepassx2pass.py", line 16, in space_to_camelcase for word in value.split(" "): AttributeError: 'NoneType' object has no attribute 'split'
* emacs: Use PASSWORD_STORE_CLIP_TIME env variableSvend Sorensen2014-06-161-4/+7
| | | | | Timeout password after PASSWORD_STORE_CLIP_TIME seconds, if set. Otherwise timeout after 45 seconds. These are the setting used by pass.
* emacs: Use when instead of if/prognSvend Sorensen2014-06-161-5/+4
|
* emacs: Update pass website URLSvend Sorensen2014-06-161-1/+1
|