summaryrefslogtreecommitdiff
path: root/src/password-store.sh (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Check for agent before batch processesJason A. Donenfeld2014-04-151-4/+19
|
* All globals are upper-case.Jason A. Donenfeld2014-04-151-43/+43
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Reorganize entire programJason A. Donenfeld2014-04-151-334/+360
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* find: match without regards to caseJason A. Donenfeld2014-04-151-3/+4
|
* find: add find/search commandJason A. Donenfeld2014-04-151-1/+22
| | | | | | | This relies on a patched version of tree to work, unfortunately. Hopefully upstream will accept our patch. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use pipefail and randomize intermediate encrypted.1.5Jason A. Donenfeld2014-04-121-2/+4
| | | | | | | | | | | | | | | | | | | | | | Matthew writes: If the initial decrypt fails then the rest of the line shouldn't continue, as it won't be a properly decrypted password being re-encrypted and written over the existing passfile. One solution to this would be to enable pipefail (set -o pipefail) - either just before, or at the start of this script. This would cause the failure of any of the commands in a pipe to set the return status of the whole pipeline to non-zero (the last failed command's return code is used). We take his suggestion with this patch. While we're at it, we take a little bit extra care (though not too much extra care) to select a more random intermediate password, in case folks have a strange habit of using a dot-new extension on files. Suggested-by: Matthew Richardson <m.richardson@ed.ac.uk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Fix GPG spelling.Jason A. Donenfeld2014-04-051-1/+1
|
* Use heredoc for unset error.Jason A. Donenfeld2014-03-231-4/+6
| | | | Suggested-by: Tom Vincent <pass@tlvince.com>
* umask: allow overridableJason A. Donenfeld2014-03-231-1/+1
| | | | Suggested-by: Matthew Richardson <m.richardson@ed.ac.uk>
* Heredoc refresh.Jason A. Donenfeld2014-03-231-43/+45
|
* clip: wait longer for slow systemsJason A. Donenfeld2014-03-231-1/+1
|
* gpg: allow the use of gpg1 with or without agentJason A. Donenfeld2014-03-221-10/+15
| | | | Suggested-by: Matthieu Weber <mweber@free.fr>
* clip: rename SELECTION to X_SELECTIONJason A. Donenfeld2014-03-221-5/+5
|
* Version bump ahead of release.Jason A. Donenfeld2014-03-221-1/+1
|
* clip: suppress kill errorJason A. Donenfeld2014-03-221-1/+1
|
* clip: use pkill instead of procJason A. Donenfeld2014-03-221-1/+1
|
* Prefer bash parameter expansion over basename(1)Tom Vincent2014-03-201-1/+1
|
* Fix argument order for mktempjbeta2014-03-201-2/+2
| | | | | mktemp expects all options before a template. This prevented the temporary file for "pass edit" mode from being created in /dev/shm.
* Configurable clipboard time.Jason A. Donenfeld2014-03-201-4/+5
|
* Allow selection to be overriden by $SELECTIONJason A. Donenfeld2014-03-201-4/+5
| | | | | | Some users want to use a different clipboard for pass. Suggested-by: nand <nand@nand.wakku.to>
* git: sign commits if enabledJason A. Donenfeld2014-03-201-1/+2
|
* clip: don't race between pass instances in restoreJason A. Donenfeld2014-03-201-2/+4
| | | | | | | We now make sure a previous pass clip restore finishes immediately when copying another password to the clipboard. This is currently only implemented on Linux.
* Style.Jason A. Donenfeld2014-03-201-3/+1
|
* Simplify exports.Jason A. Donenfeld2014-03-191-4/+3
|
* Copyright noticeJason A. Donenfeld2014-03-191-1/+1
|
* Team pass: enable multiple keys and per directoryJason A. Donenfeld2014-03-191-34/+63
| | | | | | | | | | The .gpg-id file may now have multiple keys in it, one per line. If a .gpg-id file exists inside a subdirectory, passwords inside that directory are encrypted to that/those ids. The init command has learned a -p/--path option for writing such a sub directory .gpg-id and now can take several arguments for ids.
* Shred shm files.Jason A. Donenfeld2014-03-181-1/+2
|
* Do not compress passwords.Jason A. Donenfeld2014-03-181-1/+1
| | | | | | | | | | | According to a forthcoming paper by Alfredo Pironti, OpenPGP compression can reveal entropy levels. We thus disable compression. Existing password stores can be reencrypted without compression using the "--reencrypt" flag for "init". Reported-by: Alfredo Pironti <alfredo.pironti@inria.fr> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* Use a glob in the pattern match instead of using two comparisons for [yY].Chris Down2013-09-141-1/+1
|
* Rephrase awkward/confusing message about enabling echo during password entry.Chris Down2013-09-141-3/+3
|
* Fix directory traversal for reencryption when $PREFIX is a symlinkBrian Shore2013-09-141-1/+1
|
* check if a passfile exists before checking for directoryBrian Mattern2013-05-221-13/+12
|
* Simplify sed to not use replacement.Jason A. Donenfeld2013-04-041-1/+1
|
* Tree should follow symlinks.Marvin Killing2013-02-231-1/+1
| | | | Make show/ls/list follow links by passing -l to tree.
* Bump version.Jason A. Donenfeld2012-10-181-1/+1
|
* Do not interpret backslashes when reading passwordsguns2012-10-171-4/+4
| | | | | | | | | | | | | | | | | The `read` builtin accepts backslash notation for common non-printing characters by default, like `\t` and `\n`. This requires that any literal backslashes must also be escaped as `\\`. Given that `gpg -e` does not interpret input, the `read` invocations are changed to do the same. Also, the right hand side of an `==` comparison within `[[ ]]` must be quoted in order to suppress pattern metacharacter expansion. Quoting the bash manual: When the == and != operators are used, the string to the right of the operator is considered a pattern and matched according to the rules described below under Pattern Matching.
* Restore exclusivity of options in multiline/echo check.Jason A. Donenfeld2012-10-091-1/+1
|
* Trim trailing slash in tree display.Jason A. Donenfeld2012-10-051-1/+1
|
* Make --no-echo default, and rename to --echo.Jason A. Donenfeld2012-10-031-8/+8
| | | | Reported-by: Paul Wise <pabs@debian.org>
* Check error code of gpg before copying to clipboard.1.4.1Jason A. Donenfeld2012-09-301-1/+3
|
* Explicitly use gpg2 rather than relying on symlink.Jason A. Donenfeld2012-09-301-10/+9
|
* Style fixes.1.4Jason A. Donenfeld2012-09-241-1/+2
|
* Normalize negation and bashism.Jason A. Donenfeld2012-09-221-7/+7
|
* Fix directory removal.Jason A. Donenfeld2012-09-221-5/+8
|
* Add man page comment to usage message.Jason A. Donenfeld2012-09-221-0/+2
|
* Bump version to 1.4.Jason A. Donenfeld2012-09-221-1/+1
|
* Normalize copyright headers.Jason A. Donenfeld2012-09-221-2/+2
|
* Allow git repo to be elsewhere via env var.Jason A. Donenfeld2012-09-221-2/+2
|
* Add support for PASSWORD_STORE_KEY env var.Jason A. Donenfeld2012-09-211-1/+3
|
* Add option to init to reencrypt all passwords.Jason A. Donenfeld2012-09-211-2/+22
| | | | Reported-by: Simon KP <si@eskp.net>