commit 685d094023e2edbd130a7c86d46e7fd79a62e8af
parent 59272fc6af05dfc603c9230dbded251344e2380c
Author: Jason A. Donenfeld <Jason@zx2c4.com>
Date: Wed, 23 Apr 2014 18:16:53 +0200
Use aliases instead of variables for command portability.
Diffstat:
12 files changed, 73 insertions(+), 72 deletions(-)
diff --git a/src/password-store.sh b/src/password-store.sh
@@ -10,6 +10,7 @@ GPG_OPTS="--quiet --yes --compress-algo=none"
GPG="gpg"
which gpg2 &>/dev/null && GPG="gpg2"
[[ -n $GPG_AGENT_INFO || $GPG == "gpg2" ]] && GPG_OPTS="$GPG_OPTS --batch --use-agent"
+alias gpg="command $GPG"
PREFIX="${PASSWORD_STORE_DIR:-$HOME/.password-store}"
X_SELECTION="${PASSWORD_STORE_X_SELECTION:-clipboard}"
@@ -86,7 +87,7 @@ agent_check() {
}
reencrypt_path() {
local prev_gpg_recipients="" gpg_keys="" current_keys="" index passfile
- local groups="$($GPG --list-config --with-colons | grep ^cfg:group:.*)"
+ local groups="$(gpg --list-config --with-colons | grep ^cfg:group:.*)"
while read -r -d "" passfile; do
local passfile_dir="${passfile%/*}"
passfile_dir="${passfile_dir#$PREFIX}"
@@ -103,13 +104,13 @@ reencrypt_path() {
IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190
unset GPG_RECIPIENTS[$index]
done
- gpg_keys="$($GPG --list-keys --keyid-format long "${GPG_RECIPIENTS[@]}" | sed -n 's/sub *.*\/\([A-F0-9]\{16\}\) .*/\1/p' | sort -u)"
+ gpg_keys="$(gpg --list-keys --keyid-format long "${GPG_RECIPIENTS[@]}" | sed -n 's/sub *.*\/\([A-F0-9]\{16\}\) .*/\1/p' | sort -u)"
fi
- current_keys="$($GPG -v --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | sort -u)"
+ current_keys="$(gpg -v --list-only --keyid-format long "$passfile" 2>&1 | cut -d ' ' -f 5 | sort -u)"
if [[ $gpg_keys != "$current_keys" ]]; then
echo "$passfile_display: reencrypting to ${gpg_keys//$'\n'/ }"
- $GPG -d $GPG_OPTS "$passfile" | $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile_temp" $GPG_OPTS &&
+ gpg -d $GPG_OPTS "$passfile" | gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile_temp" $GPG_OPTS &&
mv "$passfile_temp" "$passfile" || rm -f "$passfile_temp"
fi
prev_gpg_recipients="${GPG_RECIPIENTS[@]}"
@@ -176,8 +177,8 @@ tmpdir() {
fi
}
-GETOPT="getopt"
-SHRED="shred -f -z"
+alias getopt="command getopt"
+alias shred="command shred -f -z"
source "$(dirname "$0")/platform/$(uname | cut -d _ -f 1 | tr '[:upper:]' '[:lower:]').sh" 2>/dev/null # PLATFORM_FUNCTION_FILE
@@ -252,7 +253,7 @@ cmd_usage() {
cmd_init() {
local opts id_path=""
- opts="$($GETOPT -o p: -l path: -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o p: -l path: -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -300,7 +301,7 @@ cmd_init() {
cmd_show() {
local opts clip=0
- opts="$($GETOPT -o c -l clip -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o c -l clip -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -318,9 +319,9 @@ cmd_show() {
check_sneaky_paths "$path"
if [[ -f $passfile ]]; then
if [[ $clip -eq 0 ]]; then
- exec $GPG -d $GPG_OPTS "$passfile"
+ exec gpg -d $GPG_OPTS "$passfile"
else
- local pass="$($GPG -d $GPG_OPTS "$passfile" | head -n 1)"
+ local pass="$(gpg -d $GPG_OPTS "$passfile" | head -n 1)"
[[ -n $pass ]] || exit 1
clip "$pass" "$path"
fi
@@ -367,7 +368,7 @@ cmd_grep() {
agent_check
local search="$1" passfile
while read -r -d "" passfile; do
- local grepresults="$($GPG -d $GPG_OPTS "$passfile" | grep --color=always "$search")"
+ local grepresults="$(gpg -d $GPG_OPTS "$passfile" | grep --color=always "$search")"
[ $? -ne 0 ] && continue
passfile="${passfile%.gpg}"
passfile="${passfile#$PREFIX/}"
@@ -380,7 +381,7 @@ cmd_grep() {
cmd_insert() {
local opts multiline=0 noecho=1 force=0
- opts="$($GETOPT -o mef -l multiline,echo,force -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o mef -l multiline,echo,force -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -406,7 +407,7 @@ cmd_insert() {
if [[ $multiline -eq 1 ]]; then
echo "Enter contents of $path and press Ctrl+D when finished:"
echo
- $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS
+ gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS
elif [[ $noecho -eq 1 ]]; then
local password password_again
while true; do
@@ -415,7 +416,7 @@ cmd_insert() {
read -r -p "Retype password for $path: " -s password_again || exit 1
echo
if [[ $password == "$password_again" ]]; then
- $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$password"
+ gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$password"
break
else
echo "Error: the entered passwords do not match."
@@ -424,7 +425,7 @@ cmd_insert() {
else
local password
read -r -p "Enter password for $path: " -e password
- $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$password"
+ gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$password"
fi
git_add_file "$passfile" "Added given password for $path to store."
}
@@ -442,18 +443,18 @@ cmd_edit() {
local passfile="$PREFIX/$path.gpg"
local template="$PROGRAM.XXXXXXXXXXXXX"
- trap '$SHRED "$tmp_file"; rm -rf "$SECURE_TMPDIR" "$tmp_file"' INT TERM EXIT
+ trap 'shred "$tmp_file"; rm -rf "$SECURE_TMPDIR" "$tmp_file"' INT TERM EXIT
tmpdir #Defines $SECURE_TMPDIR
local tmp_file="$(TMPDIR="$SECURE_TMPDIR" mktemp -t "$template")"
local action="Added"
if [[ -f $passfile ]]; then
- $GPG -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
+ gpg -d -o "$tmp_file" $GPG_OPTS "$passfile" || exit 1
action="Edited"
fi
${EDITOR:-vi} "$tmp_file"
- while ! $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS "$tmp_file"; do
+ while ! gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS "$tmp_file"; do
echo "GPG encryption failed. Retrying."
sleep 1
done
@@ -462,7 +463,7 @@ cmd_edit() {
cmd_generate() {
local opts clip=0 force=0 symbols="-y"
- opts="$($GETOPT -o ncf -l no-symbols,clip,force -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o ncf -l no-symbols,clip,force -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -491,7 +492,7 @@ cmd_generate() {
local pass="$(pwgen -s $symbols $length 1)"
[[ -n $pass ]] || exit 1
- $GPG -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$pass"
+ gpg -e "${GPG_RECIPIENT_ARGS[@]}" -o "$passfile" $GPG_OPTS <<<"$pass"
git_add_file "$passfile" "Added generated password for $path to store."
if [[ $clip -eq 0 ]]; then
@@ -504,7 +505,7 @@ cmd_generate() {
cmd_delete() {
local opts recursive="" force=0
- opts="$($GETOPT -o rf -l recursive,force -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o rf -l recursive,force -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
@@ -542,7 +543,7 @@ cmd_copy_move() {
local opts move=1 force=0
[[ $1 == "copy" ]] && move=0
shift
- opts="$($GETOPT -o f -l force -n "$PROGRAM" -- "$@")"
+ opts="$(getopt -o f -l force -n "$PROGRAM" -- "$@")"
local err=$?
eval set -- "$opts"
while true; do case $1 in
diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh
@@ -31,5 +31,5 @@ tmpdir() {
mount -t hfs -o noatime -o nobrowse "$ramdisk_dev" "$SECURE_TMPDIR" || exit 1
}
-GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || echo /usr/local)/bin/getopt"
-SHRED="srm -f -z"
+alias getopt="command $(brew --prefix gnu-getopt 2>/dev/null || echo /usr/local)/bin/getopt"
+alias shred="command srm -f -z"
diff --git a/src/platform/freebsd.sh b/src/platform/freebsd.sh
@@ -1,5 +1,5 @@
# Copyright (C) 2012 Jonathan Chu <milki@rescomp.berkeley.edu>. All Rights Reserved.
# This file is licensed under the GPLv2+. Please see COPYING for more information.
-GETOPT="/usr/local/bin/getopt"
-SHRED="rm -P -f"
+alias getopt="command /usr/local/bin/getopt"
+alias shred="command rm -P -f"
diff --git a/tests/setup.sh b/tests/setup.sh
@@ -29,12 +29,13 @@ if [[ ! -e $PASS ]]; then
echo "Could not find password-store.sh"
exit 1
fi
+alias pass="command \"$PASS\""
# Note: the assumption is the test key is unencrypted.
export GNUPGHOME="$TEST_HOME/gnupg/"
chmod 700 "$GNUPGHOME"
-GPG="gpg"
-which gpg2 &>/dev/null && GPG="gpg2"
+alias gpg="command gpg"
+which gpg2 &>/dev/null && alias gpg="command gpg2"
# We don't want to use any running agent.
# We want an agent to appear to pass to be running.
@@ -46,4 +47,3 @@ KEY2="D774A374" # pass test key 2
KEY3="EB7D54A8" # pass test key 3
KEY4="E4691410" # pass test key 4
KEY5="39E5020C" # pass test key 5
-
diff --git a/tests/t0001-sanity-checks.sh b/tests/t0001-sanity-checks.sh
@@ -4,11 +4,11 @@ test_description='Sanity checks'
. ./setup.sh
test_expect_success 'Make sure we can run pass' '
- $PASS --help | grep "pass: the standard unix password manager"
+ pass --help | grep "pass: the standard unix password manager"
'
test_expect_success 'Make sure we can initialize our test store' '
- $PASS init $KEY1 &&
+ pass init $KEY1 &&
[[ -e "$PASSWORD_STORE_DIR/.gpg-id" ]] &&
[[ $(cat "$PASSWORD_STORE_DIR/.gpg-id") == "$KEY1" ]]
'
diff --git a/tests/t0010-generate-tests.sh b/tests/t0010-generate-tests.sh
@@ -4,9 +4,9 @@ test_description='Test generate'
. ./setup.sh
test_expect_success 'Test "generate" command' '
- $PASS init $KEY1 &&
- $PASS generate cred 19 &&
- [[ $($PASS show cred | wc -m) -eq 20 ]]
+ pass init $KEY1 &&
+ pass generate cred 19 &&
+ [[ $(pass show cred | wc -m) -eq 20 ]]
'
test_done
diff --git a/tests/t0020-show-tests.sh b/tests/t0020-show-tests.sh
@@ -4,13 +4,13 @@ test_description='Test show'
. ./setup.sh
test_expect_success 'Test "show" command' '
- $PASS init $KEY1 &&
- $PASS generate cred1 20 &&
- $PASS show cred1
+ pass init $KEY1 &&
+ pass generate cred1 20 &&
+ pass show cred1
'
test_expect_success 'Test "show" of nonexistant password' '
- test_must_fail $PASS show cred2
+ test_must_fail pass show cred2
'
test_done
diff --git a/tests/t0050-mv-tests.sh b/tests/t0050-mv-tests.sh
@@ -7,9 +7,9 @@ TEST_CRED="test_cred"
TEST_CRED_NEW="test_cred_new"
test_expect_success 'Test "mv" command' '
- $PASS init $KEY1 &&
- $PASS generate cred1 39 &&
- $PASS mv cred1 cred2 &&
+ pass init $KEY1 &&
+ pass generate cred1 39 &&
+ pass mv cred1 cred2 &&
[[ -e $PASSWORD_STORE_DIR/cred2.gpg && ! -e $PASSWORD_STORE_DIR/cred1.gpg ]]
'
diff --git a/tests/t0060-rm-tests.sh b/tests/t0060-rm-tests.sh
@@ -4,14 +4,14 @@ test_description='Test rm'
. ./setup.sh
test_expect_success 'Test "rm" command' '
- $PASS init $KEY1 &&
- $PASS generate cred1 43 &&
- echo "y" | $PASS rm cred1 &&
+ pass init $KEY1 &&
+ pass generate cred1 43 &&
+ echo "y" | pass rm cred1 &&
[[ ! -e $PASSWORD_STORE_DIR/cred1.gpg ]]
'
test_expect_success 'Test "rm" of non-existent password' '
- test_must_fail $PASS rm does-not-exist
+ test_must_fail pass rm does-not-exist
'
test_done
diff --git a/tests/t0100-insert-tests.sh b/tests/t0100-insert-tests.sh
@@ -4,9 +4,9 @@ test_description='Test insert'
. ./setup.sh
test_expect_success 'Test "insert" command' '
- $PASS init $KEY1 &&
- echo "Hello world" | $PASS insert -e cred1 &&
- [[ $($PASS show cred1) == "Hello world" ]]
+ pass init $KEY1 &&
+ echo "Hello world" | pass insert -e cred1 &&
+ [[ $(pass show cred1) == "Hello world" ]]
'
test_done
diff --git a/tests/t0200-edit-tests.sh b/tests/t0200-edit-tests.sh
@@ -4,12 +4,12 @@ test_description='Test edit'
. ./setup.sh
test_expect_success 'Test "edit" command' '
- $PASS init $KEY1 &&
- $PASS generate cred1 90 &&
+ pass init $KEY1 &&
+ pass generate cred1 90 &&
export FAKE_EDITOR_PASSWORD="big fat fake password" &&
export EDITOR="$TEST_HOME/fake-editor-change-password.sh" &&
- $PASS edit cred1 &&
- [[ $($PASS show cred1) == "$FAKE_EDITOR_PASSWORD" ]]
+ pass edit cred1 &&
+ [[ $(pass show cred1) == "$FAKE_EDITOR_PASSWORD" ]]
'
test_done
diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
@@ -6,13 +6,13 @@ test_description='Reencryption consistency'
INITIAL_PASSWORD="will this password live? a big question indeed..."
canonicalize_gpg_keys() {
- $GPG --list-keys --keyid-format long "$@" | sed -n 's/sub *.*\/\([A-F0-9]\{16\}\) .*/\1/p' | sort -u
+ gpg --list-keys --keyid-format long "$@" | sed -n 's/sub *.*\/\([A-F0-9]\{16\}\) .*/\1/p' | sort -u
}
gpg_keys_from_encrypted_file() {
- $GPG -v --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | sort -u
+ gpg -v --list-only --keyid-format long "$1" 2>&1 | cut -d ' ' -f 5 | sort -u
}
gpg_keys_from_group() {
- local output="$($GPG --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)"
+ local output="$(gpg --list-config --with-colons | sed -n "s/^cfg:group:$1:\\(.*\\)/\\1/p" | head -n 1)"
local saved_ifs="$IFS"
IFS=";"
local keys=( $output )
@@ -21,75 +21,75 @@ gpg_keys_from_group() {
}
test_expect_success 'Setup initial key and git' '
- $PASS init $KEY1 && $PASS git init
+ pass init $KEY1 && pass git init
'
test_expect_success 'Root key encryption' '
- $PASS insert -e folder/cred1 <<<"$INITIAL_PASSWORD" &&
+ pass insert -e folder/cred1 <<<"$INITIAL_PASSWORD" &&
[[ $(canonicalize_gpg_keys "$KEY1") == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root single key' '
- $PASS init $KEY2 &&
+ pass init $KEY2 &&
[[ $(canonicalize_gpg_keys "$KEY2") == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root multiple key' '
- $PASS init $KEY2 $KEY3 $KEY1 &&
+ pass init $KEY2 $KEY3 $KEY1 &&
[[ $(canonicalize_gpg_keys $KEY2 $KEY3 $KEY1) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root multiple key with string' '
- $PASS init $KEY2 $KEY3 $KEY1 "pass test key 4" &&
+ pass init $KEY2 $KEY3 $KEY1 "pass test key 4" &&
[[ $(canonicalize_gpg_keys $KEY2 $KEY3 $KEY1 $KEY4) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root group' '
- $PASS init group1 &&
+ pass init group1 &&
[[ $(gpg_keys_from_group group1) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root group with spaces' '
- $PASS init "big group" &&
+ pass init "big group" &&
[[ $(gpg_keys_from_group "big group") == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root group with spaces and other keys' '
- $PASS init "big group" $KEY3 $KEY1 $KEY2 &&
+ pass init "big group" $KEY3 $KEY1 $KEY2 &&
[[ $(canonicalize_gpg_keys $KEY3 $KEY1 $KEY2 $(gpg_keys_from_group "big group")) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root group and other keys' '
- $PASS init group2 $KEY3 $KEY1 $KEY2 &&
+ pass init group2 $KEY3 $KEY1 $KEY2 &&
[[ $(canonicalize_gpg_keys $KEY3 $KEY1 $KEY2 $(gpg_keys_from_group group2)) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/folder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption root group to identical individual with no file change' '
oldfile="$SHARNESS_TRASH_DIRECTORY/$RANDOM.$RANDOM.$RANDOM.$RANDOM.$RANDOM" &&
- $PASS init group1 &&
+ pass init group1 &&
cp "$PASSWORD_STORE_DIR/folder/cred1.gpg" "$oldfile" &&
- $PASS init $KEY4 $KEY2 &&
+ pass init $KEY4 $KEY2 &&
test_cmp "$PASSWORD_STORE_DIR/folder/cred1.gpg" "$oldfile"
'
test_expect_success 'Reencryption subfolder multiple keys, copy' '
- $PASS init -p anotherfolder $KEY3 $KEY1 &&
- $PASS cp folder/cred1 anotherfolder/ &&
+ pass init -p anotherfolder $KEY3 $KEY1 &&
+ pass cp folder/cred1 anotherfolder/ &&
[[ $(canonicalize_gpg_keys $KEY1 $KEY3) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/anotherfolder/cred1.gpg")" ]]
'
test_expect_success 'Reencryption subfolder multiple keys, move, deinit' '
- $PASS init -p anotherfolder2 $KEY3 $KEY4 $KEY2 &&
- $PASS mv -f anotherfolder anotherfolder2/ &&
+ pass init -p anotherfolder2 $KEY3 $KEY4 $KEY2 &&
+ pass mv -f anotherfolder anotherfolder2/ &&
[[ $(canonicalize_gpg_keys $KEY1 $KEY3) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/anotherfolder2/anotherfolder/cred1.gpg")" ]] &&
- $PASS init -p anotherfolder2/anotherfolder "" &&
+ pass init -p anotherfolder2/anotherfolder "" &&
[[ $(canonicalize_gpg_keys $KEY3 $KEY4 $KEY2) == "$(gpg_keys_from_encrypted_file "$PASSWORD_STORE_DIR/anotherfolder2/anotherfolder/cred1.gpg")" ]]
'
#TODO: test with more varieties of move and copy!
test_expect_success 'Password lived through all transformations' '
- [[ $($PASS show anotherfolder2/anotherfolder/cred1) == "$INITIAL_PASSWORD" ]]
+ [[ $(pass show anotherfolder2/anotherfolder/cred1) == "$INITIAL_PASSWORD" ]]
'
test_expect_success 'Git picked up all changes throughout' '
