m-chrzan.xyz
aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2016-12-18 16:13:18 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2016-12-20 19:31:05 +0100
commit639c46a342466209e9b0600c2b3574bb44a0ff31 (patch)
tree032a94e458e4d0303be634ba641c20e4a588f07e /src
parent0b2f803fe61992af02b8820c400984b1f615a299 (diff)
generate: use /dev/urandom directly
Passing to tr using the "pick and discard" technique is more straight- forwardly correct and less error-prone. It also allows users to select their own character sets to be passed to tr.
Diffstat (limited to 'src')
-rwxr-xr-xsrc/password-store.sh12
1 files changed, 7 insertions, 5 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 63be840..7b1d5a5 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -1,6 +1,6 @@
#!/usr/bin/env bash
-# Copyright (C) 2012 - 2014 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
+# Copyright (C) 2012 - 2016 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved.
# This file is licensed under the GPLv2+. Please see COPYING for more information.
umask "${PASSWORD_STORE_UMASK:-077}"
@@ -16,6 +16,8 @@ PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
CLIP_TIME="${PASSWORD_STORE_CLIP_TIME:-45}"
GENERATED_LENGTH="${PASSWORD_STORE_GENERATED_LENGTH:-25}"
+CHARACTER_SET="${PASSWORD_STORE_CHARACTER_SET:-[:graph:]}"
+CHARACTER_SET_NO_SYMBOLS="${PASSWORD_STORE_CHARACTER_SET_NO_SYMBOLS:-[:alnum:]}"
export GIT_DIR="${PASSWORD_STORE_GIT:-$PREFIX}/.git"
export GIT_WORK_TREE="${PASSWORD_STORE_GIT:-$PREFIX}"
@@ -431,12 +433,12 @@ cmd_edit() {
}
cmd_generate() {
- local opts clip=0 force=0 symbols="-y" inplace=0
+ local opts clip=0 force=0 characters="$CHARACTER_SET" inplace=0 pass
opts="$($GETOPT -o ncif -l no-symbols,clip,in-place,force -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
- -n|--no-symbols) symbols=""; shift ;;
+ -n|--no-symbols) characters="$CHARACTER_SET_NO_SYMBOLS"; shift ;;
-c|--clip) clip=1; shift ;;
-f|--force) force=1; shift ;;
-i|--in-place) inplace=1; shift ;;
@@ -454,8 +456,8 @@ cmd_generate() {
[[ $inplace -eq 0 && $force -eq 0 && -e $passfile ]] && yesno "An entry already exists for $path. Overwrite it?"
- local pass="$(pwgen -s $symbols $length 1)"
- [[ -n $pass ]] || exit 1
+ read -r -n $length pass < <(LC_ALL=C tr -dc "$characters" < /dev/urandom)
+ [[ ${#pass} -eq $length ]] || die "Could not generate password from /dev/urandom."
if [[ $inplace -eq 0 ]]; then
$GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" "${GPG_OPTS[@]}" <<<"$pass" || die "Password encryption aborted."
else