From b901fc5c0dd11505d0d9586aadd070236a99b399 Mon Sep 17 00:00:00 2001 From: "Manuel Amador (Rudd-O)" Date: Sun, 14 May 2017 15:09:31 +0000 Subject: [PATCH] Fix bugs in option processing and add cp/mv/rm support. --- bin/qubes-pass-client | 19 +++++++++- bin/qvm-pass | 68 ++++++++++++++++++++++++++-------- etc/qubes-rpc/ruddo.PassManage | 27 ++++++++++++++ 3 files changed, 98 insertions(+), 16 deletions(-) diff --git a/bin/qubes-pass-client b/bin/qubes-pass-client index 513abb0..b373297 100755 --- a/bin/qubes-pass-client +++ b/bin/qubes-pass-client @@ -32,7 +32,24 @@ elif [ "$1" == "get-or-generate" ] ; then nosymbols=$(echo "$3" | base64 -w 0) echo "$cmd $key -$autogen" | /usr/lib/qubes/qrexec-client-vm "$QUBES_PASS_DOMAIN" ruddo.PassManage +$autogen +$nosymbols" | /usr/lib/qubes/qrexec-client-vm "$QUBES_PASS_DOMAIN" ruddo.PassManage + +elif [ "$1" == "rm" ] ; then + cmd=$(echo "$1" | base64 -w 0) + key=$(echo "$2" | base64 -w 0) + echo "$cmd +$key" | /usr/lib/qubes/qrexec-client-vm "$QUBES_PASS_DOMAIN" ruddo.PassManage + +elif [ "$1" == "mv" -o "$1" == "cp" ] ; then + cmd=$(echo "$1" | base64 -w 0) + key=$(echo "$2" | base64 -w 0) + newkey=$(echo "$3" | base64 -w 0) + force=$(echo "$4" | base64 -w 0) + echo "$cmd +$key +$newkey +$force" | /usr/lib/qubes/qrexec-client-vm "$QUBES_PASS_DOMAIN" ruddo.PassManage elif [ "$1" == "insert" ] ; then diff --git a/bin/qvm-pass b/bin/qvm-pass index 84b1a99..cb25b41 100755 --- a/bin/qvm-pass +++ b/bin/qvm-pass @@ -1,11 +1,5 @@ #!/bin/bash -TEMP=`getopt -o ?d:n:mfe -- "$@"` -force=0 -multiline=0 -echo=0 -nosymbols= -eval set -- "$TEMP" set -e usage() { @@ -31,11 +25,23 @@ usage() { echo " during password generation." echo " insert [--echo,-e | --multiline,-m] [--force,-f] " echo " Creates a key in the pass store." - exit 0 + echo " rm " + echo " Removes a key from the pass store." + echo " cp [-f] " + echo " Copies a key to another key in the pass store," + echo " optionally forcefully." + echo " mv [-f] " + echo " Moves a key to another key in the pass store," + echo " optionally forcefully." } -while true ; do - case "$1" in +force=0 +multiline=0 +echo=0 +nosymbols= + +while getopts :d:n:mfe? opt ; do + case "$opt" in -d) case "$2" in "") shift 2 ;; @@ -49,10 +55,15 @@ while true ; do force=1 ; shift ;; -e) echo=1 ; shift ;; - "-?") - usage ;; - --) shift ; break ;; - *) echo "error processing options; run with -? for more information" ; exit 64 ;; + ":") + echo "incorrect usage; run with -? for more information" ; exit 64 ;; + "?") + if [ "$OPTARG" != "?" ] ; then + usage ; exit 64 ; + else + usage ; exit 0 ; + fi + ;; esac done @@ -65,7 +76,7 @@ case "$1" in echo "the $1 subcommand requires a key; run with -? for more information" >&2 ; exit 64 fi if [ -n "$3" ] ; then - echo "the $1 subcommand only accepts one argument; run with -? for more information" >&2 ; exit 64 + echo "the $1 subcommand only accepts one argument; run with -? for more information" >&2 ; exit 64 fi exec qubes-pass-client "$1" "$2" "$nosymbols" ;; @@ -74,10 +85,37 @@ case "$1" in echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64 fi if [ -n "$2" ] ; then - echo "the $1 subcommand does not accept any arguments; run with -? for more information" >&2 ; exit 64 + echo "the $1 subcommand does not accept any arguments; run with -? for more information" >&2 ; exit 64 fi exec qubes-pass-client "$1" ;; + rm) + if [ "$force$multiline$echo$nosymbols" != "000" ] ; then + echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64 + fi + if [ -z "$2" ] ; then + echo "the $1 subcommand requires a key; run with -? for more information" >&2 ; exit 64 + fi + exec qubes-pass-client "$1" "$2" + ;; + mv) + if [ "$multiline$echo$nosymbols" != "000" ] ; then + echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64 + fi + if [ -z "$2" -o -z "$3" ] ; then + echo "the $1 subcommand requires two keys; run with -? for more information" >&2 ; exit 64 + fi + exec qubes-pass-client "$1" "$2" "$3" "$force" + ;; + cp) + if [ "$multiline$echo$nosymbols" != "000" ] ; then + echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64 + fi + if [ -z "$2" -o -z "$3" ] ; then + echo "the $1 subcommand requires two keys; run with -? for more information" >&2 ; exit 64 + fi + exec qubes-pass-client "$1" "$2" "$3" "$force" + ;; insert) if [ "$nosymbols" != "" ] ; then echo "the $1 subcommand does not accept that option; run with -? for more information" >&2 ; exit 64 diff --git a/etc/qubes-rpc/ruddo.PassManage b/etc/qubes-rpc/ruddo.PassManage index 80838b8..1884562 100644 --- a/etc/qubes-rpc/ruddo.PassManage +++ b/etc/qubes-rpc/ruddo.PassManage @@ -83,4 +83,31 @@ elif [ "$cmd" == "insert" ] ; then echo "$contents" | pass insert -e --force -- "$entry" fi +elif [ "$cmd" == "rm" ] ; then + + read -n 4096 entry + entry=$(echo "$entry" | base64 -d) + + logger -t ruddo.PassManage "removing password entry $entry" + + pass rm -- "$entry" + +elif [ "$cmd" == "mv" -o "$cmd" == "cp" ] ; then + + read -n 4096 entry + entry=$(echo "$entry" | base64 -d) + read -n 4096 newentry + newentry=$(echo "$newentry" | base64 -d) + read -n 4096 force + force=$(echo "$force" | base64 -d) + if [ "$force" == "1" ] ; then + force=-f + else + force= + fi + + logger -t ruddo.PassManage "$cmd password entry $entry to $entry" + + pass "$cmd" $f -- "$entry" "$newentry" + fi