diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-20 20:58:24 +0100 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2016-12-21 06:02:14 +0100 |
commit | b28849617fb61e87a40a0e06ed94e0cd3c87bb5e (patch) | |
tree | e887f68b272310279a2f56e08814d2510f32c26f | |
parent | ff62f87f41557ab7267defab662324927301485a (diff) |
extensions: make opt-in
-rw-r--r-- | man/pass.1 | 13 | ||||
-rwxr-xr-x | src/password-store.sh | 24 |
2 files changed, 22 insertions, 15 deletions
@@ -30,10 +30,10 @@ If no COMMAND is specified, COMMAND defaults to either .B show or .BR ls , -depending on the type of specifier in ARGS. Alternatively, if the file -\fI.extensions/COMMAND.bash\fP exists inside the password store and is executable -, then it is sourced into the environment, passing any arguments and environment -variables. +depending on the type of specifier in ARGS. Alternatively, if \fIPASSWORD_STORE_ENABLE_EXTENSIONS\fP +is set to "true", and the file \fI.extensions/COMMAND.bash\fP exists inside the +password store and is executable, then it is sourced into the environment, +passing any arguments and environment variables. Otherwise COMMAND must be one of the valid commands listed below. @@ -441,7 +441,10 @@ by \fBtr\fP. See .BR tr (1) for more info. .TP -.I PASSWORD_STORE_EXTENSION_DIR +.I PASSWORD_STORE_ENABLE_EXTENSIONS +This environment variable must be set to "true" for extensions to be enabled. +.TP +.I PASSWORD_STORE_EXTENSIONS_DIR The location to look for executable extension files, by default \fIPASSWORD_STORE_DIR/.extensions\fP. .TP diff --git a/src/password-store.sh b/src/password-store.sh index 1c61370..52cc941 100755 --- a/src/password-store.sh +++ b/src/password-store.sh @@ -13,7 +13,7 @@ which gpg2 &>/dev/null && GPG="gpg2" [[ -n $GPG_AGENT_INFO || $GPG == "gpg2" ]] && GPG_OPTS+=( "--batch" "--use-agent" ) PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}" -EXTENSIONS="${PASSWORD_STORE_EXTENSION_DIR:-$PREFIX/.extensions}" +EXTENSIONS="${PASSWORD_STORE_EXTENSIONS_DIR:-$PREFIX/.extensions}" X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}" CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}" GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}" @@ -597,18 +597,22 @@ cmd_git() { fi } -cmd_extension() { - local extension="$EXTENSIONS/$1.bash" - check_sneaky_paths "$extension" - if [[ -f $extension && -x $extension ]]; then - verify_file "$extension" - shift - source "$extension" "$@" - else +cmd_extension_or_show() { + if ! cmd_extension "$@"; then COMMAND="show" cmd_show "$@" fi } +cmd_extension() { + [[ $PASSWORD_STORE_ENABLE_EXTENSIONS == true ]] || return 1 + local extension="$EXTENSIONS/$1.bash" + check_sneaky_paths "$extension" + [[ -f $extension && -x $extension ]] || return 1 + verify_file "$extension" + shift + source "$extension" "$@" + return 0 +} # # END subcommand functions @@ -631,6 +635,6 @@ case "$1" in rename|mv) shift; cmd_copy_move "move" "$@" ;; copy|cp) shift; cmd_copy_move "copy" "$@" ;; git) shift; cmd_git "$@" ;; - *) cmd_extension "$@" ;; + *) cmd_extension_or_show "$@" ;; esac exit 0 |