diff options
author | guns <self@sungpae.com> | 2012-10-16 17:28:15 -0500 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2012-10-17 00:53:50 +0200 |
commit | 8c46958d559d6fbb852f341f0fc2d5d60127ed91 (patch) | |
tree | c54c00eb0a4d2be174cccc629ee222b759aa2a29 /src | |
parent | de5282d1a6b17cd62122084e06eaaac36716a2c8 (diff) |
Do not interpret backslashes when reading passwords
The `read` builtin accepts backslash notation for common non-printing
characters by default, like `\t` and `\n`. This requires that any
literal backslashes must also be escaped as `\\`.
Given that `gpg -e` does not interpret input, the `read` invocations are
changed to do the same.
Also, the right hand side of an `==` comparison within `[[ ]]` must be
quoted in order to suppress pattern metacharacter expansion. Quoting the
bash manual:
When the == and != operators are used, the string to the right of
the operator is considered a pattern and matched according to the
rules described below under Pattern Matching.
Diffstat (limited to 'src')
-rwxr-xr-x | src/password-store.sh | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/password-store.sh b/src/password-store.sh index eabbb50..8dea924 100755 --- a/src/password-store.sh +++ b/src/password-store.sh @@ -261,11 +261,11 @@ case "$command" in gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS elif [[ $noecho -eq 1 ]]; then while true; do - read -p "Enter password for $path: " -s password + read -r -p "Enter password for $path: " -s password echo - read -p "Retype password for $path: " -s password_again + read -r -p "Retype password for $path: " -s password_again echo - if [[ $password == $password_again ]]; then + if [[ $password == "$password_again" ]]; then gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" break else @@ -273,7 +273,7 @@ case "$command" in fi done else - read -p "Enter password for $path: " -e password + read -r -p "Enter password for $path: " -e password gpg2 -e -r "$ID" -o "$passfile" $GPG_OPTS <<<"$password" fi git_add_file "$passfile" "Added given password for $path to store." |