From 8716a11be21613cb5751723fe6ea95542ed1c986 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Tue, 20 May 2014 12:39:53 -0300 Subject: Makefile: set correct modes for editor configurations --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 96742fc..cce55fd 100644 --- a/Makefile +++ b/Makefile @@ -27,7 +27,7 @@ install_lib: $(INSTALL) -D --mode=0755 -d lib/keyringer/actions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions $(INSTALL) -D --mode=0755 lib/keyringer/actions/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions $(INSTALL) -D --mode=0755 -d lib/keyringer/editors $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors - $(INSTALL) -D --mode=0755 lib/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors + $(INSTALL) -D --mode=0644 lib/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors install_bin: $(INSTALL) -D --mode=0755 keyringer $(DESTDIR)/$(PREFIX)/bin/keyringer -- cgit v1.2.3 From 7c35a05b8557beb825e682675e3bfd6c53175201 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 11 Jun 2014 17:59:59 -0300 Subject: Use local tarballs folder by default --- .gitignore | 1 + Makefile | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 814194e..55c4e77 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,5 @@ debian/keyringer debian/files debian/files debian/keyringer.substvars +tarballs .pc diff --git a/Makefile b/Makefile index cce55fd..c1e50e9 100644 --- a/Makefile +++ b/Makefile @@ -14,10 +14,11 @@ # Place - Suite 330, Boston, MA 02111-1307, USA # -PACKAGE = keyringer -VERSION = $(shell ./keyringer | head -n 1 | cut -d ' ' -f 2) -PREFIX ?= /usr/local -INSTALL = /usr/bin/install +PACKAGE = keyringer +VERSION = $(shell ./keyringer | head -n 1 | cut -d ' ' -f 2) +PREFIX ?= /usr/local +ARCHIVE ?= tarballs +INSTALL = /usr/bin/install clean: find . -name *~ | xargs rm -f # clean local backups @@ -53,7 +54,8 @@ build_man: sed -i -e 's/--/\\-\\-/g' share/man/keyringer.1 tarball: - git archive --prefix=keyringer-$(VERSION)/ --format=tar HEAD | bzip2 >../tarballs/keyringer-$(VERSION).tar.bz2 + mkdir -p $(ARCHIVE) + git archive --prefix=keyringer-$(VERSION)/ --format=tar HEAD | bzip2 > $(ARCHIVE)/keyringer-$(VERSION).tar.bz2 release: @make build_man @@ -65,8 +67,8 @@ release: git flow release finish -s $(VERSION) git checkout master @make tarball - gpg --use-agent --armor --detach-sign --output ../tarballs/keyringer-$(VERSION).tar.bz2.asc ../tarballs/keyringer-$(VERSION).tar.bz2 - scp ../tarballs/keyringer-$(VERSION).tar.bz2* keyringer:/var/sites/keyringer/releases/ + gpg --use-agent --armor --detach-sign --output $(ARCHIVE)/keyringer-$(VERSION).tar.bz2.asc $(ARCHIVE)/keyringer-$(VERSION).tar.bz2 + scp $(ARCHIVE)/keyringer-$(VERSION).tar.bz2* keyringer:/var/sites/keyringer/releases/ # We're doing tagging afterwards: # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=568375 #git tag -s $(VERSION) -m "Keyringer $(VERSION)" @@ -74,7 +76,7 @@ release: debian: git checkout debian - git-import-orig --upstream-vcs-tag=$(VERSION) ../tarballs/keyringer-$(VERSION).tar.bz2 + git-import-orig --upstream-vcs-tag=$(VERSION) $(ARCHIVE)/keyringer-$(VERSION).tar.bz2 # Fine tune debian/changelog prepared by git-dch dch -e git commit -a -m "Updating debian/changelog" -- cgit v1.2.3 From f51408e892c350bf8204b8180424b8d6f4bd0f0c Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sun, 6 Jul 2014 14:28:34 -0300 Subject: Reset 'expiry' on keyringer_check_expiration (closes #62) --- ChangeLog | 5 +++++ lib/keyringer/functions | 1 + 2 files changed, 6 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3ded1f5..04cac73 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2014-07-06 - Silvio Rhatto + + Reset 'expiry' on keyringer_check_expiration, reported and fixed + by Jamie (closes #62) + 2014-05-20 - 0.3.6 - Silvio Rhatto Makefile fix diff --git a/lib/keyringer/functions b/lib/keyringer/functions index fdd8439..0360bb4 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -715,6 +715,7 @@ function keyringer_check_expiration { fi # Check the subkeys + expiry="" for expiry in `gpg --with-colons --fixed-list-mode --list-keys "$recipient" | grep ^sub | cut -d : -f 7`; do if [[ "$seconds" -lt "$expiry" ]]; then not_expired="1" -- cgit v1.2.3 From e8de5a2de78432768b623ea77c620a3a179a7b5f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 13 Aug 2014 13:04:17 -0300 Subject: Limitations: clipboard and stdout --- share/man/keyringer.1.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index 407baaa..cb0c6ba 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -284,6 +284,13 @@ Keyringer currently has the following limitations: so be careful when decrypting secrets and writing them to the disk or other storage media. + Pay special attention that keyringer outputs data to stdout, which could + be easilly spotted by any agent looking directly at you computer screen. + + The xclip action even copies secret data to the X11 clipboard, which can + be accessed by any application running in the user's X11 session, so use + this feature carefully. + # SEE ALSO The *README* file distributed with Keyringer contains full documentation. -- cgit v1.2.3 From cb21ca66b5b3eface2e51914801a54cb1ccb8233 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 16 Aug 2014 17:30:11 -0300 Subject: New action 'cp' --- ChangeLog | 4 +++- share/man/keyringer.1.mdwn | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 04cac73..87bf35f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ -2014-07-06 - Silvio Rhatto +2014-08-16 - Silvio Rhatto + + New 'cp' action Reset 'expiry' on keyringer_check_expiration, reported and fixed by Jamie (closes #62) diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index cb0c6ba..af098a3 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -128,6 +128,9 @@ del <*secret*> rm <*secret*> : Alias for *del* action. +cp <*secret*> <*dest*> +: Copy a secret. + mv <*secret*> <*dest*> : Rename a secret. -- cgit v1.2.3 From 20125ba1c35ee8bceb0e3ea1ab9c3b6017b11aa1 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 16 Aug 2014 20:10:22 -0300 Subject: New action 'cp' (2) --- lib/keyringer/actions/cp | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100755 lib/keyringer/actions/cp diff --git a/lib/keyringer/actions/cp b/lib/keyringer/actions/cp new file mode 100755 index 0000000..0629b61 --- /dev/null +++ b/lib/keyringer/actions/cp @@ -0,0 +1,33 @@ +#!/bin/bash +# +# Copy secrets. +# + +# Load functions +LIB="`dirname $0`/../functions" +source "$LIB" || exit 1 + +# Aditional parameters +CWD="`pwd`" + +# Avoid leading slash +ORIG="$(keyringer_filename `echo "$2" | sed -e "s|^/*||"`)" +DEST="`echo "$3" | sed -e "s|^/*||"`" + +# Set destination +if [ ! -d "$KEYDIR/$RELATIVE_PATH/$DEST" ]; then + keyringer_get_new_file $DEST +else + FILE="$DEST" +fi + +# Check if secret exists +if ! echo "$ORIG" | grep -q '*' && [ ! -e "$KEYDIR/$RELATIVE_PATH/$ORIG" ]; then + echo "Secret not found: $ORIG" + exit 1 +fi + +# Run move command +cd "$KEYDIR" && cp -a "./$RELATIVE_PATH/$ORIG" "./$FILE" +keyringer_exec git "$BASEDIR" add "keys/$FILE" +cd "$CWD" -- cgit v1.2.3 From f63b965d14466197240a207509bddb9f204d64bc Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 16 Aug 2014 20:25:01 -0300 Subject: Removing trailing spaces --- lib/keyringer/functions | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/keyringer/functions b/lib/keyringer/functions index 0360bb4..5dbb6b4 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -72,7 +72,7 @@ function keyringer_exec { action="$1" basedir="$2" shift 2 - + # Dispatch if keyringer_has_action "$action"; then "$ACTIONS/$action" "$basedir" $* @@ -171,7 +171,7 @@ function keyringer_set_tmpfile { else TMPWORK="$(mktemp "$template")" fi - + if [ "$?" != "0" ]; then printf "Error: can't set TMPWORK %s\n" "$TMPWORK" exit 1 @@ -250,7 +250,7 @@ function keyringer_git_ignore { function keyringer_set_env { if [ -z "$1" ]; then echo "Error: missing arguments for keyringer_set_env" - exit 1 + exit 1 fi ACTIONS="`dirname $0`" @@ -429,7 +429,7 @@ function keyringer_get_option { # Get a file argument function keyringer_get_file { FILE="$(keyringer_filename "$RELATIVE_PATH/$1")" - + if [ -z "$FILE" ]; then keyringer_action_usage exit 1 -- cgit v1.2.3 From df97a807e2c13a5d020d72f07058904b60f19cfd Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 16 Aug 2014 20:31:47 -0300 Subject: Edit: Unset RELATIVE_PATH before encrypting file --- ChangeLog | 2 ++ lib/keyringer/actions/edit | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 87bf35f..e9be9aa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2014-08-16 - Silvio Rhatto + Edit: Unset RELATIVE_PATH before encrypting file + New 'cp' action Reset 'expiry' on keyringer_check_expiration, reported and fixed diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit index a5f14d4..c9f3f12 100755 --- a/lib/keyringer/actions/edit +++ b/lib/keyringer/actions/edit @@ -59,9 +59,9 @@ wait echo "Press any key when done using the file and you're sure that $APPNAME is closed." read -s -n 1 -# Encrypt again +# Encrypt again. Unset RELATIVE_PATH as it was already used to determine FILE path export KEYRINGER_ADD_EXTENSION=false -keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK" +RELATIVE_PATH="" keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK" # Check exit status errcrypt="$?" -- cgit v1.2.3 From bfd718703aac6fe706ee751f232b0e80601913d1 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 15:04:52 -0300 Subject: Moving editors' files to shared folder --- Makefile | 4 ++-- keyringer | 24 +++++++++++++++++------- lib/keyringer/editors/vim | 5 ----- lib/keyringer/functions | 2 +- share/keyringer/editors/vim | 5 +++++ 5 files changed, 25 insertions(+), 15 deletions(-) delete mode 100644 lib/keyringer/editors/vim create mode 100644 share/keyringer/editors/vim diff --git a/Makefile b/Makefile index c1e50e9..07513f2 100644 --- a/Makefile +++ b/Makefile @@ -27,8 +27,8 @@ install_lib: $(INSTALL) -D --mode=0755 lib/keyringer/functions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/functions $(INSTALL) -D --mode=0755 -d lib/keyringer/actions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions $(INSTALL) -D --mode=0755 lib/keyringer/actions/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions - $(INSTALL) -D --mode=0755 -d lib/keyringer/editors $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors - $(INSTALL) -D --mode=0644 lib/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors + $(INSTALL) -D --mode=0755 -d share/keyringer/editors $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors + $(INSTALL) -D --mode=0644 share/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors install_bin: $(INSTALL) -D --mode=0755 keyringer $(DESTDIR)/$(PREFIX)/bin/keyringer diff --git a/keyringer b/keyringer index b8edc8e..a32f15b 100755 --- a/keyringer +++ b/keyringer @@ -149,13 +149,6 @@ ACTION="$2" # Turn off pathname expansion so expansion can work properly set -f -# Export globals for other scripts -export PREFERENCES="`dirname $CONFIG`/$KEYRING" -export KEYRINGER_VERSION -export CONFIG_VERSION -export KEYRING -export CONFIG - # Set functions location if [ -e "`dirname $(readlink -f $0)`/lib/$NAME/functions" ]; then # Development or local installation layout @@ -165,6 +158,15 @@ else LIB="`dirname $(readlink -f $0)`/../lib/$NAME/functions" fi +# Set shared files location +if [ -e "`dirname $(readlink -f $0)`/share/$NAME" ]; then + # Development or local installation layout + SHARE="`dirname $(readlink -f $0)`/share/$NAME" +else + # System installation layout + SHARE="`dirname $(readlink -f $0)`/../share/$NAME" +fi + # Set actions location if [ -e "`dirname $(readlink -f $0)`/lib/$NAME/actions" ]; then # Development or local installation layout @@ -174,6 +176,14 @@ else ACTIONS="`dirname $(readlink -f $0)`/../lib/$NAME/actions" fi +# Export globals for other scripts +export PREFERENCES="`dirname $CONFIG`/$KEYRING" +export KEYRINGER_VERSION +export CONFIG_VERSION +export KEYRING +export CONFIG +export SHARE + # Load functions source "$LIB" || exit 1 diff --git a/lib/keyringer/editors/vim b/lib/keyringer/editors/vim deleted file mode 100644 index 0f877df..0000000 --- a/lib/keyringer/editors/vim +++ /dev/null @@ -1,5 +0,0 @@ -" Use sane defaults for VIM to avoid data leakage -" See https://keyringer.pw/trac/ticket/50 -set nowritebackup -set nobackup -set viminfo="NONE" diff --git a/lib/keyringer/functions b/lib/keyringer/functions index 5dbb6b4..42c047d 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -287,7 +287,7 @@ function keyringer_set_env { # Avoid viminfo, see https://keyringer.pw/trac/ticket/50 if $EDITOR --help | grep -q -e "^VIM"; then if ! echo $EDITOR | grep -q -- "-i NONE"; then - EDITOR="$EDITOR -S `dirname $LIB`/editors/vim" + EDITOR="$EDITOR -S $SHARE/editors/vim" fi fi diff --git a/share/keyringer/editors/vim b/share/keyringer/editors/vim new file mode 100644 index 0000000..0f877df --- /dev/null +++ b/share/keyringer/editors/vim @@ -0,0 +1,5 @@ +" Use sane defaults for VIM to avoid data leakage +" See https://keyringer.pw/trac/ticket/50 +set nowritebackup +set nobackup +set viminfo="NONE" -- cgit v1.2.3 From 6ae4c3884701f31edbf84666a7b1b76dc01a1068 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 15:37:06 -0300 Subject: Shell completions: fix handling of keyrings with '-' in their names --- ChangeLog | 4 +++- lib/keyringer/completions/bash/keyringer | 3 +-- lib/keyringer/completions/zsh/_keyringer | 3 +-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index e9be9aa..0905d9f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ -2014-08-16 - Silvio Rhatto +2014-08-21 - Silvio Rhatto + + Shell completions: fix handling of keyrings with '-' in their names Edit: Unset RELATIVE_PATH before encrypting file diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer index 0f2cb2b..b638418 100644 --- a/lib/keyringer/completions/bash/keyringer +++ b/lib/keyringer/completions/bash/keyringer @@ -69,7 +69,6 @@ _keyringer() { fi # Process config - source $config/config keyrings="`ls --color=never $config | sed -e '/^config$/d' | xargs`" # Available instances @@ -77,7 +76,7 @@ _keyringer() { # The current instance instance="${COMP_WORDS[1]}" - path="`eval echo '$'$instance`" + path="`grep -e "^$instance=" "$config/config" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'`" # Command completions if [ "${#COMP_WORDS[@]}" == "2" ]; then diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer index b4ccdd4..6142949 100644 --- a/lib/keyringer/completions/zsh/_keyringer +++ b/lib/keyringer/completions/zsh/_keyringer @@ -19,9 +19,8 @@ _keyringer() { fi # Process config - source $config/config local keyrings="`ls --color=never $config | sed -e '/^config$/d' | xargs`" - local keyring_path="`eval echo '$'$words[2]`" + local keyring_path="`grep -e "^$words[2]=" "$config/config" | tail -n 1 | cut -d = -f 2 | sed -e 's/"//g' -e "s/'//g" | sed -e 's/ *#.*$//'`" local instances="`echo $keyrings | sed -e 's/ /$\\\|^/g' -e 's/^/^/' -e 's/$/$/'`" _arguments \ -- cgit v1.2.3 From b3c2760b06af98eb47db82dfdc9cc0f6d8075c86 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 16:43:46 -0300 Subject: Minor zsh completion fixes --- ChangeLog | 1 + lib/keyringer/completions/zsh/_keyringer | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0905d9f..e741030 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,7 @@ 2014-08-21 - Silvio Rhatto Shell completions: fix handling of keyrings with '-' in their names + and minor zsh fixes. Edit: Unset RELATIVE_PATH before encrypting file diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer index 6142949..bd08a8c 100644 --- a/lib/keyringer/completions/zsh/_keyringer +++ b/lib/keyringer/completions/zsh/_keyringer @@ -70,7 +70,7 @@ _keyringer() { case "$words[3]" in recipients) words[5]="$(echo $words[5] | sed -e "s|^/||")" # TODO: avoid leading slash - compadd "$@" $(cd $keyring_path/config/recipients && ls --color=never -p $words[5]'*' 2> /dev/null) + compadd "$@" $(cd $keyring_path/config/recipients && ls --color=never -p $words[5]* 2> /dev/null) ;; genpair) words[5]="$(echo $words[5] | sed -e "s|^/||")" # TODO: avoid leading slash @@ -87,7 +87,7 @@ _keyringer() { esac ;; *) - if [ $words[3] == "git" ]; then + if [[ $words[3] == "git" ]]; then # TODO true fi -- cgit v1.2.3 From 50c8eac52ededab3bc52db3d0d03f0b8aeef8e86 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 17:02:44 -0300 Subject: Shell completions: use KEYRINGER_CHECK_RECIPIENTS=false to avoid fatal errors --- ChangeLog | 6 +++++- lib/keyringer/completions/bash/keyringer | 6 +++--- lib/keyringer/completions/zsh/_keyringer | 6 +++--- 3 files changed, 11 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index e741030..9a2475a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,11 @@ 2014-08-21 - Silvio Rhatto + Shell completions: use KEYRINGER_CHECK_RECIPIENTS=false to avoid + fatal errors + + Shell completions: minor zsh fixes + Shell completions: fix handling of keyrings with '-' in their names - and minor zsh fixes. Edit: Unset RELATIVE_PATH before encrypting file diff --git a/lib/keyringer/completions/bash/keyringer b/lib/keyringer/completions/bash/keyringer index b638418..27cf919 100644 --- a/lib/keyringer/completions/bash/keyringer +++ b/lib/keyringer/completions/bash/keyringer @@ -82,7 +82,7 @@ _keyringer() { if [ "${#COMP_WORDS[@]}" == "2" ]; then opts="$keyrings" elif [ "${#COMP_WORDS[@]}" == "3" ] && echo "${prev}" | grep -qe "$instances"; then - opts="`export KEYRINGER_CHECK_VERSION=false && keyringer $instance commands`" + opts="`export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance commands`" elif [ "${#COMP_WORDS[@]}" == "3" ]; then opts="init" elif [ "${#COMP_WORDS[@]}" == "4" ]; then @@ -95,7 +95,7 @@ _keyringer() { ;; ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|find) cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash - opts="$(bash -c "set -f && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" + opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" ;; genpair) opts="gpg ssh ssl ssl-self" @@ -118,7 +118,7 @@ _keyringer() { ;; genpair) cur="`echo ${cur} | sed -e "s|^/*||"`" # avoid leading slash - opts="$(bash -c "set -f && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" + opts="$(bash -c "set -f && export KEYRINGER_CHECK_RECIPIENTS=false && export KEYRINGER_CHECK_VERSION=false && keyringer $instance ls -p -d ${cur}*" 2> /dev/null)" ;; git) # TODO diff --git a/lib/keyringer/completions/zsh/_keyringer b/lib/keyringer/completions/zsh/_keyringer index bd08a8c..ab95c3d 100644 --- a/lib/keyringer/completions/zsh/_keyringer +++ b/lib/keyringer/completions/zsh/_keyringer @@ -36,7 +36,7 @@ _keyringer() { ;; action) if echo $words[2] | grep -qe "$instances"; then - compadd "$@" `KEYRINGER_CHECK_VERSION=false keyringer $words[2] commands` + compadd "$@" `KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] commands` else compadd "$@" "init" fi @@ -51,7 +51,7 @@ _keyringer() { ;; ls|tree|mkdir|encrypt|encrypt-batch|decrypt|edit|append|append-batch|del|rm|recrypt|open|clip|xclip|find) words[4]="`echo $words[4] | sed -e "s|^/*||"`" # avoid leading slash - compadd "$@" $(KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null) + compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[4]'*' 2> /dev/null) ;; genpair) compadd "$@" gpg ssh ssl ssl-self @@ -74,7 +74,7 @@ _keyringer() { ;; genpair) words[5]="$(echo $words[5] | sed -e "s|^/||")" # TODO: avoid leading slash - compadd "$@" $(KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[5]'*' 2> /dev/null) + compadd "$@" $(KEYRINGER_CHECK_RECIPIENTS=false KEYRINGER_CHECK_VERSION=false keyringer $words[2] ls -p -d $words[5]'*' 2> /dev/null) ;; git) compadd "$@" $(_keyringer_git_complete $words[4] $words[5]) -- cgit v1.2.3 From 5863d0315e3ceffb442056383346fca0809f47ee Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 17:13:38 -0300 Subject: Init: just set git user/mail if needed --- keyringer | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/keyringer b/keyringer index a32f15b..b5251b9 100755 --- a/keyringer +++ b/keyringer @@ -106,8 +106,10 @@ function keyringer_init { keyringer_git_ignore 'tmp/*' # Git configuration - git config user.email "$email" - git config user.name "$name" + if [ ! -z "$email" ]; then + git config user.email "$email" + git config user.name "$name" + fi # Edit default recipients echo "Now you have to edit the default recipient configuration to be able to encrypt secrets." -- cgit v1.2.3 From a39e3fc5b3b241711274d6d649a70a08391581dc Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 17:14:58 -0300 Subject: ChangeLog update --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 9a2475a..cf568c5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2014-08-21 - Silvio Rhatto + Init: just set git user/mail if needed + Shell completions: use KEYRINGER_CHECK_RECIPIENTS=false to avoid fatal errors -- cgit v1.2.3 From 4bc8b8e6fa81c38ce8c76027074feef1c7f69530 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 17:16:45 -0300 Subject: Keyringer 0.3.7 --- ChangeLog | 2 +- keyringer | 2 +- share/man/keyringer.1 | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index cf568c5..683c853 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -2014-08-21 - Silvio Rhatto +2014-08-21 - 0.3.7 - Silvio Rhatto Init: just set git user/mail if needed diff --git a/keyringer b/keyringer index b5251b9..059b157 100755 --- a/keyringer +++ b/keyringer @@ -140,7 +140,7 @@ function keyringer_dispatch { # Config NAME="keyringer" -KEYRINGER_VERSION="0.3.6" +KEYRINGER_VERSION="0.3.7" CONFIG_VERSION="0.1" CONFIG_BASE="$HOME/.$NAME" CONFIG="$CONFIG_BASE/config" diff --git a/share/man/keyringer.1 b/share/man/keyringer.1 index 95c236d..82cb520 100644 --- a/share/man/keyringer.1 +++ b/share/man/keyringer.1 @@ -164,6 +164,11 @@ Alias for \f[I]del\f[] action. .RS .RE .TP +.B cp <\f[I]secret\f[]> <\f[I]dest\f[]> +Copy a secret. +.RS +.RE +.TP .B mv <\f[I]secret\f[]> <\f[I]dest\f[]> Rename a secret. .RS @@ -370,6 +375,13 @@ using the \f[I]git\f[] action. Keyringer does not protect data which were not encrypted to a keyring, so be careful when decrypting secrets and writing them to the disk or other storage media. +.PP +Pay special attention that keyringer outputs data to stdout, which could +be easilly spotted by any agent looking directly at you computer screen. +.PP +The xclip action even copies secret data to the X11 clipboard, which can +be accessed by any application running in the user\[aq]s X11 session, so +use this feature carefully. .SH SEE ALSO .PP The \f[I]README\f[] file distributed with Keyringer contains full -- cgit v1.2.3