commit - 4851eeb93b663c97ff3884a93d36bdc6e77fe73e
commit + b501f1d9144a3f3d2dc0afb91d96bc612fb8b6b9
blob - 68d79c963f04d9b580bdc76e05ba6245fea11974
blob + c78f78602562e188f4aaca934e7b1e380ba4f7f1
--- secstore
+++ secstore
# Encrypt the secret from stdin, and store the ciphertext in file specified
# on the command line.
sub secstore_add {
- our ($opt_N, $opt_f, $opt_n) = (0, 0, 0);
+ our $opt_f = 0;
my ($cmd, $sec) = ($ENV{SECSTORE_ENCCMD} // 'gpg -e --', '');
local *usage = sub {
- die "usage: secstore add [-Nfn] name\n";
+ die "usage: secstore add [-f] name\n";
};
- getopts('Nfn') && scalar(@ARGV) == 1 or usage();
+ getopts('f') && scalar(@ARGV) == 1 or usage();
my $outfile = $ARGV[0];
ckpath $outfile or die "bad path: $outfile\n";
print "Repeat:";
my $sec2 = <TTY>;
print "\n";
- if ($opt_n && !$opt_N) {
- chomp $sec;
- chomp $sec2;
- }
+ chomp $sec;
+ chomp $sec2;
system "stty echo";
close TTY;
while (<STDIN>) { $sec .= $_; }
}
+ $sec .= "\n" if $sec !~ tr/\n$//;
my $pid = open2(my $reader, my $writer, $cmd);
print $writer $sec;
undef $sec;
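Review bot: The added guard `$sec .= "\n" if $sec !~ tr/\n$//;` does not test for a trailing newline. `tr` takes a character list, not a regex, so `$` is a literal dollar sign and the expression counts every newline or `$` anywhere in the secret. A secret that contains a `$`, or a multi-line secret read from stdin whose last line is unterminated, is stored without the final newline, while other secrets get one. An anchored match expresses the intent: `$sec .= "\n" if $sec !~ /\n\z/;`. Parts of secstore_add lie outside the lines shown here, so the surrounding flow is inferred from the visible context.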
# get: decrypt file, and return plaintext.
sub get {
- my ($Nflag, $nflag, $file) = @_;
+ my $file = shift;
my $cmd = $ENV{SECSTORE_DECCMD} // "gpg -dq --";
ckpath $file or die "bad path: $file\n";
while (<$cmdreader>) { $out .= $_; }
waitpid $pid, 0;
$? == 0 or exit 1;
- chomp($out) if ($nflag && !$Nflag);
return $out;
}
# secstore_print: decrypt file, and print plaintext to stdout.
sub secstore_print {
- our ($opt_N, $opt_n);
local *usage = sub {
- die "usage: secstore print [-Nn] name ...";
+ die "usage: secstore print name ...";
};
- getopts('Nn') && scalar(@ARGV) == 1 or usage();
- print(get($opt_N, $opt_n, $ARGV[0]));
+ scalar(@ARGV) == 1 or usage();
+ print(get($ARGV[0]));
}
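Review bot: The new usage string in secstore_print, `die "usage: secstore print name ...";`, advertises several names, but the check on the next changed line accepts exactly one argument. It also lacks the trailing `\n` that the add and copy usage messages have, so Perl appends the script name and line number to the message. I would write `die "usage: secstore print name\n";`. With getopts gone, a leading `--` is no longer consumed and counts as an argument; it would be worth a comment stating that this is intended.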
# copy: decrypt file, and copy to SECSTORE_COPY_INCMD, delete with
our ($opt_N, $opt_n, $opt_d, $opt_i, $opt_o, $opt_s);
local *usage = sub {
die
-"usage: secstore copy [-Nn] [-d delcmd] [-i incmd] [-o outcmd] [-s sleeptime]\n" .
-" name\n"
+"usage: secstore copy [-d delcmd] [-i incmd] [-o outcmd] [-s sleeptime] name\n"
};
- getopts('Nnd:i:o:s:') && scalar(@ARGV) == 1 or usage();
+ getopts('d:i:o:s:') && scalar(@ARGV) == 1 or usage();
my $delcmd = $opt_d // $ENV{SECSTORE_COPY_DELCMD} // "xclip </dev/null";
my $incmd = $opt_i // $ENV{SECSTORE_COPY_INCMD} // "xclip";
my $outcmd = $opt_o // $ENV{SECSTORE_COPY_OUTCMD} // "xclip -o";
my $sleep = $opt_s // $ENV{SECSTORE_COPY_SLEEP} // 60;
- my $pw = get $opt_N, $opt_n, $ARGV[0];
+ my $sec = get $ARGV[0];
+ chomp $sec;
# This is a huge cludge. The reason we have to do copying inside a detached
# process is because otherwise the following doesn't work (assuming xclip):
# $ tmux popup -E 'GPG_TTY=`tty` isecstore' && sleep 1 && xclip -o
my $pid = fork();
if (not defined $pid) {
- $pw = '';
+ $sec = '';
die "Fork failed: $!\n";
} elsif ($pid == 0) {
POSIX::setsid();
open(FH, "|-", $incmd) or
die "Could not open command '$incmd': $!\n";
- print FH $pw;
+ print FH $sec;
close FH;
if ($? != 0) {
system $delcmd;
exit 0;
}
- $pw = sha256 $pw;
+ $sec = sha256 $sec;
$pid = fork();
if (not defined $pid) {
system $delcmd;
POSIX::setsid();
sleep $sleep;
system($delcmd) if
- (sha256(`$outcmd`) eq $pw);
+ (sha256(`$outcmd`) eq $sec);
}
} else {
- $pw = '';
+ $sec = '';
waitpid $pid, 0;
exit $?;
}
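Review bot: After the new unconditional `chomp $sec;`, the clipboard is cleared only if `$outcmd` returns exactly the chomped secret, since the test is `sha256(`$outcmd`) eq $sec`. An `-o`/`SECSTORE_COPY_OUTCMD` tool that appends a newline to its output would never match, and the secret would silently stay in the clipboard after the sleep. Before this change a secret stored with its newline could still match such a tool. Normalising the read side the same way avoids this: `chomp(my $clip = qx{$outcmd});` followed by `system($delcmd) if sha256($clip) eq $sec;`. Separately, the context line `our ($opt_N, $opt_n, $opt_d, ...)` still declares the two option variables this commit removes. The start of the function is not visible in this hunk.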