pash-posix: Add more comments

Dylan Araps 2019-11-25 22:25:16 +00:00
parent c725ae97ee
commit f0b54c98d4
No known key found for this signature in database
GPG Key ID: 46D62DD9F1DE636E


@ -4,26 +4,55 @@
pw_add() { pw_add() {
pass_name=$1 pass_name=$1
set -- -c
if yn "Generate a password?"; then if yn "Generate a password?"; then
pass=$("$gpg" --gen-random --armor "${PASH_LENGTH:-50}" |\ # Use 'gpg' to generate the password. This
# could have been 'openssl', '/dev/[u]random'
# or another utility, however sticking to 'gpg'
# removes the need for another dependency.
#
# The '-a' flag outputs the random bytes as
# a 'base64' encoded string to allow for the
# password to be used as well, a password.
#
# The 'cut' is required to actually truncate
# the password to the set length as the 'base64'
# encoding makes the resulting string longer
# than the given length.
pass=$("$gpg" --gen-random -a "${PASH_LENGTH:-50}" |\
cut -c -"${PASH_LENGTH:-50}") cut -c -"${PASH_LENGTH:-50}")
else else
printf 'Enter password: ' printf 'Enter password: '
# Disable echoing of output to the
# terminal while reading user input.
stty -echo stty -echo
read -r pass read -r pass
# Enable echoing and leave the terminal
# how we *should* have found it.
stty echo stty echo
printf '\n' printf '\n'
fi fi
[ "$pass" ] || [ "$pass" ] ||
die "Failed to generate a password." die "Failed to generate a password."
[ "$PASH_KEYID" ] && # Mimic the use of an array for storing
# arguments by... using the function's
# argument list. This is very apt... isn't it?
if [ "$PASH_KEYID" ]; then
set -- --trust-model always -aer "$PASH_KEYID" set -- --trust-model always -aer "$PASH_KEYID"
else
set -- -c
fi
# Use 'gpg' to store the password in an encrypted file.
# The 'GPG_TTY' environment variable is set to workaround
# cases where 'gpg' cannot find an attached terminal.
echo "$pass" | GPG_TTY=$(tty) "$gpg" "$@" -o "$pass_name.gpg" echo "$pass" | GPG_TTY=$(tty) "$gpg" "$@" -o "$pass_name.gpg"
} }
@ -37,6 +66,10 @@ pw_del() {
pw_show() { pw_show() {
pass=$("$gpg" -dq "$1.gpg") pass=$("$gpg" -dq "$1.gpg")
# If '$2' is defined, don't print the password
# to the terminal. This is useful when the user
# would just like the password copied to the
# clipboard.
[ "$2" ] || printf '%s\n' "$pass" [ "$2" ] || printf '%s\n' "$pass"
} }
@ -117,6 +150,8 @@ main() {
[ "$1" = '-?' ] || [ -z "$1" ] && [ "$1" = '-?' ] || [ -z "$1" ] &&
usage usage
# Look for both 'gpg' and 'gpg2',
# preferring 'gpg2' if it is available.
hash gpg 2>/dev/null && gpg=gpg hash gpg 2>/dev/null && gpg=gpg
hash gpg2 2>/dev/null && gpg=gpg2 hash gpg2 2>/dev/null && gpg=gpg2
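Review bot: In pw_add, the last line of the first hunk pipes the secret with `echo "$pass"`, and under a POSIX `sh` whose `echo` interprets backslash escapes (or for a value that begins with `-n`) a typed password can be stored altered from what the user entered; `printf '%s\n' "$pass" | GPG_TTY=$(tty) "$gpg" "$@" -o "$pass_name.gpg"` avoids that and matches what pw_show already uses for output. The new comment above the `set --` branch explains the argument-list trick but not `--trust-model always`, which makes gpg treat the key matching `$PASH_KEYID` as valid without checking it; I would add `# '--trust-model always' skips key validity checks, so PASH_KEYID should be the full fingerprint of a key you control.` there. Separately, the `stty -echo` / `stty echo` pair has no `trap` in the visible lines, so an interrupt during `read` would appear to leave the terminal with echo off unless the rest of the script handles it.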