From b6ed1339b7cf26cc941f18dce3fd32f117d519d4 Mon Sep 17 00:00:00 2001
From: "Manuel Amador (Rudd-O)" <rudd-o@rudd-o.com>
Date: Sun, 14 May 2017 14:23:19 +0000
Subject: [PATCH] Qubes-pass gains the ability to specify nosymbols for
 password generation.

---
 bin/qubes-pass-client          |  1 +
 bin/qvm-pass                   | 20 ++++++++++++++------
 etc/qubes-rpc/ruddo.PassManage | 10 ++++++++--
 qubes-pass.spec                |  2 +-
 4 files changed, 24 insertions(+), 9 deletions(-)

diff --git a/bin/qubes-pass-client b/bin/qubes-pass-client
index e32517f..513abb0 100755
--- a/bin/qubes-pass-client
+++ b/bin/qubes-pass-client
@@ -29,6 +29,7 @@ elif [ "$1" == "get-or-generate" ] ; then
     cmd=$(echo "$1" | base64 -w 0)
     key=$(echo "$2" | base64 -w 0)
     autogen=$(echo 1 | base64 -w 0)
+    nosymbols=$(echo "$3" | base64 -w 0)
     echo "$cmd
 $key
 $autogen" | /usr/lib/qubes/qrexec-client-vm "$QUBES_PASS_DOMAIN" ruddo.PassManage
diff --git a/bin/qvm-pass b/bin/qvm-pass
index a25e84f..84b1a99 100755
--- a/bin/qvm-pass
+++ b/bin/qvm-pass
@@ -1,9 +1,10 @@
 #!/bin/bash
 
-TEMP=`getopt -o ?d:mfe -- "$@"`
+TEMP=`getopt -o ?d:n:mfe -- "$@"`
 force=0
 multiline=0
 echo=0
+nosymbols=
 eval set -- "$TEMP"
 set -e
 
@@ -22,10 +23,12 @@ usage() {
     echo "        If your key is not named after a subcommand, you can also"
     echo "        get its contents by passing it as the first argument of"
     echo "        this command, omitting the get subcommand."
-    echo "    get-or-generate <key>"
+    echo "    get-or-generate [-n symbols] <key>"
     echo "        Retrieves a key from the pass store; creates the key"
     echo "        with 32 characters length if it does not exist yet,"
     echo "        and returns the generated key on standard output."
+    echo "        The -n option excludes symbols from being used"
+    echo "        during password generation."
     echo "    insert [--echo,-e | --multiline,-m] [--force,-f]  <key>"
     echo "        Creates a key in the pass store."
     exit 0
@@ -38,6 +41,8 @@ while true ; do
                 "") shift 2 ;;
                 *) export QUBES_PASS_DOMAIN="$2" ; shift 2 ;;
             esac ;;
+        -n)
+            nosymbols="$2" ; shift 2 ;;
         -m)
             multiline=1 ; shift ;;
         -f)
@@ -62,10 +67,10 @@ case "$1" in
         if [ -n "$3" ] ; then
             echo "the $1 subcommand only accepts one argument; run with -? for more information" >&2 ; exit 64 
         fi
-        exec qubes-pass-client "$1" "$2"
+        exec qubes-pass-client "$1" "$2" "$nosymbols"
         ;;
     init)
-        if [ "$force$multiline$echo" != "000" ] ; then
+        if [ "$force$multiline$echo$nosymbols" != "000" ] ; then
             echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64
         fi
         if [ -n "$2" ] ; then
@@ -74,6 +79,9 @@ case "$1" in
         exec qubes-pass-client "$1"
         ;;
     insert)
+        if [ "$nosymbols" != "" ] ; then
+            echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64
+        fi
         shift
 
         if [ "$force" != "1" ] ; then
@@ -110,13 +118,13 @@ case "$1" in
         exec qubes-pass-client insert "$1" "$multiline" "$contents"
         ;;
     list)
-        if [ "$force$multiline$echo" != "000" ] ; then
+        if [ "$force$multiline$echo$nosymbols" != "000" ] ; then
             echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64
         fi
         exec qubes-pass-client list
         ;;
     *)
-        if [ "$force$multiline$echo" != "000" ] ; then
+        if [ "$force$multiline$echo$nosymbols" != "000" ] ; then
             echo "the get subcommand does not accept that option; run with -? for more information" >&2 ; exit 64
         fi
         exec qubes-pass-client get "$1"
diff --git a/etc/qubes-rpc/ruddo.PassManage b/etc/qubes-rpc/ruddo.PassManage
index 8aca82c..80838b8 100644
--- a/etc/qubes-rpc/ruddo.PassManage
+++ b/etc/qubes-rpc/ruddo.PassManage
@@ -38,14 +38,20 @@ elif [ "$cmd" == "get-or-generate" ] ; then
 
   read -n 4096 entry
   read -n 4096 autogen
+  read -n 4096 nosymbols
   entry=$(echo "$entry" | base64 -d)
-  autogen=$(echo "$autogen" | base64 -d)
+  nosymbols=$(echo "nosymbols" | base64 -d)
   
   if [ "$autogen" == "1" ] ; then
       ret=0 ; out=$(pass -- "$entry" 2>&1) || ret=$?
       if [ "$ret" == "1" ] && echo "$out" | grep -q "not in the password store" ; then
           logger -t ruddo.PassManage "creating password entry $entry"
-          ret=0 ; out=$(pass generate -- "$entry" 32) || ret=$?
+          ret=0
+          if [ "$nosymbols" != "" ] ; then
+              out=$(pass generate -n "$nosymbols" -- "$entry" 32) || ret=$?
+          else
+              out=$(pass generate -- "$entry" 32) || ret=$?
+          fi
           if [ "$ret" == "1" ] ; then
               echo "Password generation failed: $out"
               exit "$ret"
diff --git a/qubes-pass.spec b/qubes-pass.spec
index 5ae9608..bcb306b 100644
--- a/qubes-pass.spec
+++ b/qubes-pass.spec
@@ -3,7 +3,7 @@
 %define mybuildnumber %{?build_number}%{?!build_number:1}
 
 Name:           qubes-pass
-Version:        0.0.6
+Version:        0.0.7
 Release:        %{mybuildnumber}%{?dist}
 Summary:        Inter-VM pass password management for Qubes OS AppVMs and StandaloneVMs
 BuildArch:      noarch