> Le 18 12 2019 à 12:00, [email protected] a écrit : > > Send Password-Store mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.zx2c4.com/mailman/listinfo/password-store > or, via email, send a message with subject or body 'help' to > [email protected] > > You can reach the person managing the list at > [email protected] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Password-Store digest..." > > > Today's Topics: > > 1. [PATCH] Allow comments in .gpg-id (Kjetil Torgrim Homme) > 2. Re: [PATCH] Allow comments in .gpg-id (Amir Yalon) > 3. Re: [PATCH] Allow comments in .gpg-id (Rune Juhl Jacobsen) > 4. Re: [PATCH] Allow comments in .gpg-id (Rune Juhl Jacobsen) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 17 Dec 2019 17:55:58 +0100 > From: Kjetil Torgrim Homme <[email protected]> > To: [email protected] > Subject: [PATCH] Allow comments in .gpg-id > Message-ID: <[email protected]> > Content-Type: text/plain; charset="utf-8" > > We are using password-store to share secrets within our organisation, so > there are dozens of entries in our .gpg-id files. A list of anonymous > 64-bit values is hard to work with (e.g., when a colleague leaves or a > new one arrives), so I would like to allow an optional comment to each line. > > The current logic allows space separated fingerprints like > > 8239 26C1 119D DD65 CC49 4A44 7708 DF87 BE42 C343 > > so we must continue to support spaces in the values. > > It is also allowed to use a user-id in the form of a mail address, like > "[email protected]", although I find that a little icky > myself (probably not rational). You can even include the full name of > the person, like > > Kjetil Torgrim Homme (work) <[email protected]> > > but it must match what is in the key exactly (including the > parenthesis), so it is a little fickle. > > My proposed patch is kept simple: it reads each line into two variables, > which means the first variable contains the first word, and the second > variable the rest of the word. If the second variable starts with a > "#", it is ignored. Otherwise the complete line is used. This means I > am not allowed to add comments to the fingerprint version or the full id > version, but I think the simplicity of the patch makes it worth it to > not support that variant. > > (I don't know how to make Thunderbird/Enigmail not add linebreaks, so I > attach the patch as a file in addition to the inline copy below.) > > diff --git src/password-store.sh src/password-store.sh > index 7264ffc..b17ec58 100755 > --- src/password-store.sh > +++ src/password-store.sh > @@ -98,7 +98,11 @@ set_gpg_recipients() { > verify_file "$current" > > local gpg_id > - while read -r gpg_id; do > + while read -r gpg_id additional_columns; do > + case $additional_columns in > + ""|"# "*) : ;; # only keep first column, strip comment > + *) gpg_id="${gpg_id} ${additional_columns}" ;; > + esac > GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" ) > GPG_RECIPIENTS+=( "$gpg_id" ) > done < "$current" > > > -- > Kjetil T. Homme > Redpill Linpro - Changing the game > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: comments-in-gpg-id.patch > Type: text/x-patch > Size: 545 bytes > Desc: not available > URL: > <http://lists.zx2c4.com/pipermail/password-store/attachments/20191217/598aaa11/attachment-0001.bin> > > ------------------------------ > > Message: 2 > Date: Wed, 18 Dec 2019 11:39:37 +0200 > From: "Amir Yalon" <[email protected]> > To: [email protected] > Subject: Re: [PATCH] Allow comments in .gpg-id > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii" > > On Tue, Dec 17, 2019, at 18:55, Kjetil Torgrim Homme wrote: >> - while read -r gpg_id; do >> + while read -r gpg_id additional_columns; do >> + case $additional_columns in >> + ""|"# "*) : ;; # only keep first column, strip comment >> + *) gpg_id="${gpg_id} ${additional_columns}" ;; >> + esac > It may be simpler to do gpg_id="${gpg_id%%#*}" instead. > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: > <http://lists.zx2c4.com/pipermail/password-store/attachments/20191218/866491ba/attachment-0001.html> > > ------------------------------ > > Message: 3 > Date: Wed, 18 Dec 2019 11:35:10 +0100 > From: "Rune Juhl Jacobsen" <[email protected]> > To: [email protected] > Subject: Re: [PATCH] Allow comments in .gpg-id > Message-ID: <[email protected]> > Content-Type: text/plain; format=flowed > > I would probably reach for grep and do something like this > instead: > > diff --git a/src/password-store.sh b/src/password-store.sh index > 77f3eda..ce3f7fb 100755 --- a/src/password-store.sh +++ > b/src/password-store.sh @@ -99,7 +99,7 @@ set_gpg_recipients() { > verify_file "$current" > > local gpg_id > - while read -r gpg_id; do + grep -Eo '^[^#]+' | grep -Ev > '^\s*$' | while read -r gpg_id; do > GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" ) GPG_RECIPIENTS+=( > "$gpg_id" ) > done < "$current" > > > This will remove comments no matter if they're full lines or not, > and will remove any lines containing only whitespace as well. > > I'm not sure about using `grep -E` though. It's more portable than > `grep -e` or `egrep`, but I'm not sure if it'd be better to use > `grep -P`, or if it's better to simply loop over all lines and use > Bash regexes and BASH_REMATCH to remove comments and empty lines. > > /Rune > > "Amir Yalon" <[email protected]> writes: > >> On Tue, Dec 17, 2019, at 18:55, Kjetil Torgrim Homme wrote: >>> - while read -r gpg_id; do + while read -r gpg_id >>> additional_columns; do + case $additional_columns in + ""|"# >>> "*) : ;; # only keep first column, strip comment + *) >>> gpg_id="${gpg_id} ${additional_columns}" ;; + esac >> It may be simpler to do gpg_id="${gpg_id%%#*}" instead. >> _______________________________________________ Password-Store >> mailing list [email protected] >> https://lists.zx2c4.com/mailman/listinfo/password-store > > -- > Rune Juhl Jacobsen > [email protected] > +45 6016 8337 > > > ------------------------------ > > Message: 4 > Date: Wed, 18 Dec 2019 11:39:45 +0100 > From: "Rune Juhl Jacobsen" <[email protected]> > To: [email protected] > Subject: Re: [PATCH] Allow comments in .gpg-id > Message-ID: <[email protected]> > Content-Type: text/plain; charset="us-ascii"; Format="flowed" > > Ouch, it seems like my editor ate a newline in the diff; sorry. > Hopefully this works better... > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: text/x-diff > Size: 424 bytes > Desc: not available > URL: > <http://lists.zx2c4.com/pipermail/password-store/attachments/20191218/ab3fa47a/attachment-0001.diff> > -------------- next part -------------- > > /Rune > > "Rune Juhl Jacobsen" <[email protected]> writes: > >> I would probably reach for grep and do something like this >> instead: >> >> diff --git a/src/password-store.sh b/src/password-store.sh index >> 77f3eda..ce3f7fb 100755 --- a/src/password-store.sh +++ >> b/src/password-store.sh @@ -99,7 +99,7 @@ set_gpg_recipients() { >> verify_file "$current" >> >> local gpg_id >> - while read -r gpg_id; do + grep -Eo '^[^#]+' | grep -Ev >> '^\s*$' | while read -r gpg_id; do >> GPG_RECIPIENT_ARGS+=( "-r" "$gpg_id" ) GPG_RECIPIENTS+=( >> "$gpg_id" ) >> done < "$current" >> >> This will remove comments no matter if they're full lines or >> not, and will remove any lines containing only whitespace as >> well. >> >> I'm not sure about using `grep -E` though. It's more portable >> than `grep -e` or `egrep`, but I'm not sure if it'd be better >> to use `grep -P`, or if it's better to simply loop over all >> lines and use Bash regexes and BASH_REMATCH to remove comments >> and empty lines. >> >> /Rune >> >> "Amir Yalon" <[email protected]> writes: >> >>> On Tue, Dec 17, 2019, at 18:55, Kjetil Torgrim Homme wrote: >>>> - while read -r gpg_id; do + while read -r gpg_id >>>> additional_columns; do + case $additional_columns in + ""|"# >>>> "*) : ;; # only keep first column, strip comment + *) >>>> gpg_id="${gpg_id} ${additional_columns}" ;; + esac >>> It may be simpler to do gpg_id="${gpg_id%%#*}" instead. >>> _______________________________________________ Password-Store >>> mailing list [email protected] >>> https://lists.zx2c4.com/mailman/listinfo/password-store >> >> -- Rune Juhl Jacobsen [email protected] +45 6016 8337 > > -- > Rune Juhl Jacobsen > [email protected] > +45 6016 8337 > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > Password-Store mailing list > [email protected] > https://lists.zx2c4.com/mailman/listinfo/password-store > > > ------------------------------ > > End of Password-Store Digest, Vol 79, Issue 3 > *********************************************
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
