summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorSilvio Rhatto <rhatto@riseup.net>2014-05-16 16:46:54 -0300
committerSilvio Rhatto <rhatto@riseup.net>2014-05-16 16:46:54 -0300
commiteae903f8a412ced8dfa0454b658f0305eb1971f7 (patch)
tree26ed0eb9ab0ff54a70d6252dd35ca7f7e5cb5e6a /lib
parent778cab6307cf870d7913aea9a2afcdb68594155e (diff)
parent4edea3d52e0c04651508fba9bae6ed0d81ccaa01 (diff)
downloadkeyringer-eae903f8a412ced8dfa0454b658f0305eb1971f7.tar.gz
keyringer-eae903f8a412ced8dfa0454b658f0305eb1971f7.tar.bz2
Merge branch 'release/0.3.4'
Diffstat (limited to 'lib')
-rwxr-xr-xlib/keyringer/actions/edit21
-rwxr-xr-xlib/keyringer/actions/encrypt4
-rwxr-xr-xlib/keyringer/actions/find2
-rwxr-xr-xlib/keyringer/functions4
4 files changed, 24 insertions, 7 deletions
diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit
index ff220a1..3ccf977 100755
--- a/lib/keyringer/actions/edit
+++ b/lib/keyringer/actions/edit
@@ -38,12 +38,27 @@ fi
# Prompt
echo "Press any key to open the decrypted data with $APP, Ctrl-C to abort"
-echo "WARNING: please make sure that $APP doesn't leak data to external applications os files"
-read key
+echo "WARNING: please make sure that $APP doesn't leak data to external applications or files"
+echo "Press ENTER to continue"
+read -s key
$APP "$TMPWORK"
+# Wait for background process to finish
+wait
+
+# Workaround for some applications running in client/server mode, handling open file requests
+# to a daemon and exiting immediatelly, making keyringer guess the editing is over and the file
+# must be encrypted again (See #49).
+#
+# Thus, we cannot just wipe the file and exit keyringer, as the user might have a buffered copy
+# of the unencrypted file in the application, which can lead to information leakage if the user
+# saves the file and leaves the editor.
+echo "Press any key when done using the file and you're sure that $APP is closed."
+read -s -n 1
+
# Encrypt again
-$GPG --yes -o "$KEYDIR/$FILE" --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") "$TMPWORK"
+export KEYRINGER_ADD_EXTENSION=false
+keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK"
# Check exit status
errcrypt="$?"
diff --git a/lib/keyringer/actions/encrypt b/lib/keyringer/actions/encrypt
index e9bf453..7415267 100755
--- a/lib/keyringer/actions/encrypt
+++ b/lib/keyringer/actions/encrypt
@@ -57,9 +57,11 @@ if [ ! -z "$3" ]; then
#
# Useful when opening files and the application needs the
# extension to guess the file type.
- if ! echo $BASEPATH | grep -q -e "\.$EXTENSION$"; then
+ if [ "$KEYRINGER_ADD_EXTENSION" != "false" ] && ! echo $BASEPATH | grep -q -e "\.$EXTENSION$"; then
echo "Appending '$EXTENSION' into secret name..."
FILE="$BASEPATH.$EXTENSION"
+ else
+ FILE="$BASEPATH"
fi
else
FILE="$BASEPATH"
diff --git a/lib/keyringer/actions/find b/lib/keyringer/actions/find
index 21afc7a..9b18d66 100755
--- a/lib/keyringer/actions/find
+++ b/lib/keyringer/actions/find
@@ -15,5 +15,5 @@ shift
ARGS="`echo "$*" | sed -e "s|^/*||"`"
# Run find command
-cd "$KEYDIR/$RELATIVE_PATH" && find -iname "*$ARGS*" | sed -e 's|^./||g'
+cd "$KEYDIR/$RELATIVE_PATH" && find | grep -i "$ARGS" | sed -e 's|^./||g'
cd "$CWD"
diff --git a/lib/keyringer/functions b/lib/keyringer/functions
index ad18f44..50d01db 100755
--- a/lib/keyringer/functions
+++ b/lib/keyringer/functions
@@ -287,7 +287,7 @@ function keyringer_set_env {
# Avoid viminfo, see https://keyringer.pw/trac/ticket/50
if $EDITOR --help | grep -q -e "^VIM"; then
if ! echo $EDITOR | grep -q -- "-i NONE"; then
- EDITOR="$EDITOR -i NONE"
+ EDITOR="$EDITOR -i NONE '+set nowritebackup' '+set nobackup'"
fi
fi
@@ -436,7 +436,7 @@ function keyringer_get_file {
elif [ ! -f "$KEYDIR/$FILE" ]; then
# Try to find a similar file
count=0
- candidates=(`keyringer_exec find "$BASEDIR" "$1*.asc"`)
+ candidates=(`keyringer_exec find "$BASEDIR" | grep -i "$1" | grep -e '.asc$'`)
if [ ! -z "$candidates" ]; then
echo "Could not find exact match for \"$1\", please choose one of the following secrets:"