Import password-store-1.6.5.

Lightweight commandline-based password manager. Uses pwgen, gpg and git to generate, securely store, synchronize and show stored passwords. from David Dahlberg; thanks! ok zhuk@
2016-01-21 10:52:57 +00:00 · 2016-01-21 10:52:57 +00:00 · dd265ba133
commit dd265ba133
parent f26f55591e
8 changed files with 346 additions and 0 deletions
--- a/security/password-store/Makefile
+++ b/security/password-store/Makefile
@ -0,0 +1,61 @@
+# $OpenBSD: Makefile,v 1.1.1.1 2016/01/21 10:52:57 bentley Exp $
+
+COMMENT =	simple password store
+
+DISTNAME =	password-store-1.6.5
+CATEGORIES =	security
+
+HOMEPAGE =	http://www.passwordstore.org/
+
+MAINTAINER =	David Dahlberg <david+bsd@dahlberg.cologne>
+
+# GPLv2+
+PERMIT_PACKAGE_CDROM =	Yes
+
+MASTER_SITES =	http://git.zx2c4.com/password-store/snapshot/
+EXTRACT_SUFX =	.tar.xz
+
+RUN_DEPENDS =	converters/base64 \
+		misc/gnugetopt \
+		security/gnupg \
+		security/pwgen \
+		shells/bash \
+		sysutils/colortree \
+		x11/xclip
+TEST_DEPENDS =	${RUN_DEPENDS}
+
+USE_GMAKE =	Yes
+FAKE_FLAGS =	PREFIX=${PREFIX} MANDIR=${PREFIX}/man
+
+NO_BUILD =	Yes
+
+post-extract:
+		@cp ${FILESDIR}/openbsd.sh ${WRKDIST}/src/platform
+
+post-install:
+		${INSTALL_DATA_DIR} \
+			${PREFIX}/share/{examples,doc}/password-store
+		${INSTALL_DATA} \
+			${WRKDIST}/COPYING ${PREFIX}/share/doc/password-store/
+		${INSTALL_DATA} ${WRKDIST}/README \
+			${PREFIX}/share/doc/password-store/
+		${INSTALL_DATA} ${WRKDIST}/contrib/*.txt \
+			${PREFIX}/share/doc/password-store/
+		${INSTALL_DATA_DIR} \
+			${PREFIX}/share/examples/password-store/completion \
+			${PREFIX}/share/examples/password-store/dmenu \
+			${PREFIX}/share/examples/password-store/emacs \
+			${PREFIX}/share/examples/password-store/importers \
+			${PREFIX}/share/zsh/site-functions/
+		${INSTALL_DATA} ${WRKDIST}/src/completion/* \
+			${PREFIX}/share/examples/password-store/completion/
+		${INSTALL_DATA} ${WRKDIST}/src/completion/pass.zsh-completion \
+			${PREFIX}/share/zsh/site-functions/_pass
+		${INSTALL_DATA} ${WRKDIST}/contrib/dmenu/* \
+			${PREFIX}/share/examples/password-store/dmenu/
+		${INSTALL_DATA} ${WRKDIST}/contrib/emacs/* \
+			${PREFIX}/share/examples/password-store/emacs/
+		${INSTALL_DATA} ${WRKDIST}/contrib/importers/* \
+			${PREFIX}/share/examples/password-store/importers/
+
+.include <bsd.port.mk>
--- a/security/password-store/distinfo
+++ b/security/password-store/distinfo
@ -0,0 +1,2 @@
+SHA256 (password-store-1.6.5.tar.xz) = M3o5dn5qjmmyvMVJ8n/zkV76zqV+UzTGBo/LcjMdcxU=
+SIZE (password-store-1.6.5.tar.xz) = 54576
--- a/security/password-store/files/openbsd.sh
+++ b/security/password-store/files/openbsd.sh
@ -0,0 +1,51 @@
+# Copyright (C) 2015 David Dahlberg <david+openbsd.org>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+
+tmpdir() {
+	[[ -n $SECURE_TMPDIR ]] && return
+	local warn=1
+	[[ $1 == "nowarn" ]] && warn=0
+	local template="$PROGRAM.XXXXXXXXXXXXX"
+	if [ "`sysctl -n kern.usermount`" == 1 ]; then
+		SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+		mount -t tmpfs -o -s16M tmpfs "$SECURE_TMPDIR" \
+			|| die "Error: could not create tmpfs."
+		unmount_tmpdir() {
+			[[ -n $SECURE_TMPDIR && -d $SECURE_TMPDIR ]] || return
+			umount "$SECURE_TMPDIR"
+			rm -rf "$SECURE_TMPDIR"
+		}
+		trap unmount_tmpdir INT TERM EXIT
+	else
+		[[ $warn -eq 1 ]] && yesno "$(cat <<-_EOF
+		The sysctl kern.usermount is disabled, therefore it is not
+		possible to create a tmpfs for temporary storage of files 
+		in memory. 
+		This means that it may be difficult to entirely erase 
+		the temporary non-encrypted password file after editing. 
+
+		Are you sure you would like to continue?
+		_EOF
+		)"
+		SECURE_TMPDIR="$(mktemp -d "${TMPDIR:-/tmp}/$template")"
+		shred_tmpfile() {
+			find "$SECURE_TMPDIR" -type f -exec $SHRED {} +
+			rm -rf "$SECURE_TMPDIR"
+		}
+		trap shred_tmpfile INT TERM EXIT
+	fi
+}
+
+GETOPT="gnugetopt"
+SHRED="rm -P -f"
--- a/security/password-store/patches/patch-Makefile
+++ b/security/password-store/patches/patch-Makefile
@ -0,0 +1,41 @@
+$OpenBSD: patch-Makefile,v 1.1.1.1 2016/01/21 10:52:57 bentley Exp $
+--- Makefile.orig	Tue Jul  1 10:42:26 2014
+++ Makefile	Thu Dec 11 13:57:01 2014
+@@ -29,28 +29,28 @@ all:
+ 	@echo "Password store is a shell script, so there is nothing to do. Try \"make install\" instead."
+ 
+ install-common:
+-	@install -v -d "$(DESTDIR)$(MANDIR)/man1" && install -m 0644 -v man/pass.1 "$(DESTDIR)$(MANDIR)/man1/pass.1"
+	install -d "$(DESTDIR)$(MANDIR)/man1" && install -m 0644 man/pass.1 "$(DESTDIR)$(MANDIR)/man1/pass.1"
+ 
+-	@[ "$(FORCE_BASHCOMP)" = "1" ] && install -v -d "$(BASHCOMP_PATH)" && install -m 0644 -v src/completion/pass.bash-completion "$(BASHCOMP_PATH)/pass" || true
+-	@[ "$(FORCE_ZSHCOMP)" = "1" ] && install -v -d "$(ZSHCOMP_PATH)" && install -m 0644 -v src/completion/pass.zsh-completion "$(ZSHCOMP_PATH)/_pass" || true
+-	@[ "$(FORCE_FISHCOMP)" = "1" ] && install -v -d "$(FISHCOMP_PATH)" && install -m 0644 -v src/completion/pass.fish-completion "$(FISHCOMP_PATH)/pass.fish" || true
+	[ "$(FORCE_BASHCOMP)" = "1" ] && install -d "$(BASHCOMP_PATH)" && install -m 0644 src/completion/pass.bash-completion "$(BASHCOMP_PATH)/pass" || true
+	[ "$(FORCE_ZSHCOMP)" = "1" ] && install -d "$(ZSHCOMP_PATH)" && install -m 0644 src/completion/pass.zsh-completion "$(ZSHCOMP_PATH)/_pass" || true
+	[ "$(FORCE_FISHCOMP)" = "1" ] && install -d "$(FISHCOMP_PATH)" && install -m 0644 src/completion/pass.fish-completion "$(FISHCOMP_PATH)/pass.fish" || true
+ 
+ 
+ ifneq ($(strip $(wildcard $(PLATFORMFILE))),)
+ install: install-common
+-	@install -v -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 -v "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh"
+-	@install -v -d "$(DESTDIR)$(BINDIR)/"
+-	sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(DESTDIR)$(LIBDIR)/password-store/platform.sh":' src/password-store.sh > "$(DESTDIR)$(BINDIR)/pass"
+	install -d "$(DESTDIR)$(LIBDIR)/password-store" && install -m 0644 "$(PLATFORMFILE)" "$(DESTDIR)$(LIBDIR)/password-store/platform.sh"
+	install -d "$(DESTDIR)$(BINDIR)/"
+	sed 's:.*PLATFORM_FUNCTION_FILE.*:source "$(LIBDIR)/password-store/platform.sh":' src/password-store.sh > "$(DESTDIR)$(BINDIR)/pass"
+ 	@chmod 0755 "$(DESTDIR)$(BINDIR)/pass"
+ else
+ install: install-common
+-	@install -v -d "$(DESTDIR)$(BINDIR)/"
+	install -d "$(DESTDIR)$(BINDIR)/"
+ 	sed '/PLATFORM_FUNCTION_FILE/d' src/password-store.sh > "$(DESTDIR)$(BINDIR)/pass"
+ 	@chmod 0755 "$(DESTDIR)$(BINDIR)/pass"
+ endif
+ 
+ uninstall:
+-	@rm -vrf \
+	rm -rf \
+ 		"$(DESTDIR)$(BINDIR)/pass" \
+ 		"$(DESTDIR)$(LIBDIR)/password-store/" \
+ 		"$(DESTDIR)$(MANDIR)/man1/pass.1" \
--- a/security/password-store/patches/patch-man_pass_1
+++ b/security/password-store/patches/patch-man_pass_1
@ -0,0 +1,32 @@
+$OpenBSD: patch-man_pass_1,v 1.1.1.1 2016/01/21 10:52:57 bentley Exp $
+--- man/pass.1.orig	Wed Jan 28 17:43:02 2015
+++ man/pass.1	Mon Dec 28 14:52:32 2015
+@@ -71,7 +71,7 @@ unspecified) is removed.
+ List names of passwords inside the tree at
+ .I subfolder
+ by using the
+-.BR tree (1)
+.BR colortree (1)
+ program. This command is alternatively named \fBlist\fP.
+ .TP
+ \fBgrep\fP \fIsearch-string\fP
+@@ -83,7 +83,7 @@ options.
+ .TP
+ \fBfind\fP \fIpass-names\fP...
+ List names of passwords inside the tree that match \fIpass-names\fP by using the
+-.BR tree (1)
+.BR colortree (1)
+ program. This command is alternatively named \fBsearch\fP.
+ .TP
+ \fBshow\fP [ \fI--clip\fP, \fI-c\fP ] \fIpass-name\fP
+@@ -107,8 +107,8 @@ Insert a new password or edit an existing password usi
+ by the environment variable \fIEDITOR\fP or using
+ .BR vi (1)
+ as a fallback. This mode makes use of temporary files for editing, but care is taken to
+-ensure that temporary files are created in \fI/dev/shm\fP in order to avoid writing to
+-difficult-to-erase disk sectors. If \fI/dev/shm\fP is not accessible, fallback to
+ensure that temporary files are created in a \fItmpfs\fP in order to avoid writing to
+difficult-to-erase disk sectors. If mounting a \fItmpfs\fP is not possible, fallback to
+ the ordinary \fITMPDIR\fP location, and print a warning.
+ .TP
+ \fBgenerate\fP [ \fI--no-symbols\fP, \fI-n\fP ] [ \fI--clip\fP, \fI-c\fP ] [ \fI--in-place\fP, \fI-i\fP | \fI--force\fP, \fI-f\fP ] \fIpass-name pass-length\fP
--- a/security/password-store/patches/patch-src_password-store_sh
+++ b/security/password-store/patches/patch-src_password-store_sh
@ -0,0 +1,121 @@
+$OpenBSD: patch-src_password-store_sh,v 1.1.1.1 2016/01/21 10:52:57 bentley Exp $
+--- src/password-store.sh.orig	Wed Jan 28 17:43:02 2015
+++ src/password-store.sh	Mon Dec 28 13:07:08 2015
+@@ -275,14 +275,14 @@ cmd_init() {
+ 
+ 	if [[ $# -eq 1 && -z $1 ]]; then
+ 		[[ ! -f "$gpg_id" ]] && die "Error: $gpg_id does not exist and so cannot be removed."
+-		rm -v -f "$gpg_id" || exit 1
+		rm -f "$gpg_id" || exit 1
+ 		if [[ -d $GIT_DIR ]]; then
+ 			git rm -qr "$gpg_id"
+ 			git_commit "Deinitialize ${gpg_id}."
+ 		fi
+ 		rmdir -p "${gpg_id%/*}" 2>/dev/null
+ 	else
+-		mkdir -v -p "$PREFIX/$id_path"
+		mkdir -p "$PREFIX/$id_path"
+ 		printf "%s\n" "$@" > "$gpg_id"
+ 		local id_print="$(printf "%s, " "$@")"
+ 		echo "Password store initialized for ${id_print%, }"
+@@ -322,7 +322,11 @@ cmd_show() {
+ 		else
+ 			echo "${path%\/}"
+ 		fi
+-		tree -C -l --noreport "$PREFIX/$path" | tail -n +2 | sed 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\( ->\|$\)/\1\2/g' # remove .gpg at end of line, but keep colors
+		# remove .gpg at end of line, but keep colors
+		colortree -C -l --noreport "$PREFIX/$path" \
+			| tail -n +2 \
+			| sed -e 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\( ->\)/\1\2/g' \
+				-e 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\($\)/\1\2/g'
+ 	elif [[ -z $path ]]; then
+ 		die "Error: password store is empty. Try \"pass init\"."
+ 	else
+@@ -334,14 +338,17 @@ cmd_find() {
+ 	[[ -z "$@" ]] && die "Usage: $PROGRAM $COMMAND pass-names..."
+ 	IFS="," eval 'echo "Search Terms: $*"'
+ 	local terms="*$(printf '%s*|*' "$@")"
+-	tree -C -l --noreport -P "${terms%|*}" --prune --matchdirs --ignore-case "$PREFIX" | tail -n +2 | sed 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\( ->\|$\)/\1\2/g'
+	colortree -C -l --noreport -P "${terms%|*}" --prune --matchdirs --ignore-case "$PREFIX" \
+		| tail -n +2 \
+		| sed -e 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\( ->\)/\1\2/g' \
+			-e 's/\.gpg\(\x1B\[[0-9]\+m\)\{0,1\}\($\)/\1\2/g'
+ }
+ 
+ cmd_grep() {
+ 	[[ $# -ne 1 ]] && die "Usage: $PROGRAM $COMMAND search-string"
+ 	local search="$1" passfile grepresults
+ 	while read -r -d "" passfile; do
+-		grepresults="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | grep --color=always "$search")"
+		grepresults="$($GPG -d "${GPG_OPTS[@]}" "$passfile" | grep "$search")"
+ 		[ $? -ne 0 ] && continue
+ 		passfile="${passfile%.gpg}"
+ 		passfile="${passfile#$PREFIX/}"
+@@ -372,7 +379,7 @@ cmd_insert() {
+ 
+ 	[[ $force -eq 0 && -e $passfile ]] && yesno "An entry already exists for $path. Overwrite it?"
+ 
+-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir -p "$PREFIX/$(dirname "$path")"
+ 	set_gpg_recipients "$(dirname "$path")"
+ 
+ 	if [[ $multiline -eq 1 ]]; then
+@@ -406,12 +413,12 @@ cmd_edit() {
+ 
+ 	local path="$1"
+ 	check_sneaky_paths "$path"
+-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir -p "$PREFIX/$(dirname "$path")"
+ 	set_gpg_recipients "$(dirname "$path")"
+ 	local passfile="$PREFIX/$path.gpg"
+ 
+ 	tmpdir #Defines $SECURE_TMPDIR
+-	local tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXX")-${path//\//-}.txt"
+	local tmp_file="$(mktemp -u "$SECURE_TMPDIR/XXXXXX")-${path//\//-}.txt"
+ 
+ 
+ 	local action="Add"
+@@ -446,7 +453,7 @@ cmd_generate() {
+ 	local length="$2"
+ 	check_sneaky_paths "$path"
+ 	[[ ! $length =~ ^[0-9]+$ ]] && die "Error: pass-length \"$length\" must be a number."
+-	mkdir -p -v "$PREFIX/$(dirname "$path")"
+	mkdir -p "$PREFIX/$(dirname "$path")"
+ 	set_gpg_recipients "$(dirname "$path")"
+ 	local passfile="$PREFIX/$path.gpg"
+ 
+@@ -498,7 +505,7 @@ cmd_delete() {
+ 
+ 	[[ $force -eq 1 ]] || yesno "Are you sure you would like to delete $path?"
+ 
+-	rm $recursive -f -v "$passfile"
+	rm $recursive -f "$passfile"
+ 	if [[ -d $GIT_DIR && ! -e $passfile ]]; then
+ 		git rm -qr "$passfile"
+ 		git_commit "Remove $path from store."
+@@ -529,14 +536,14 @@ cmd_copy_move() {
+ 		[[ ! -f $old_path ]] && die "Error: $1 is not in the password store."
+ 	fi
+ 
+-	mkdir -p -v "${new_path%/*}"
+	mkdir -p "${new_path%/*}"
+ 	[[ -d $old_path || -d $new_path || $new_path =~ /$ ]] || new_path="${new_path}.gpg"
+ 
+ 	local interactive="-i"
+ 	[[ ! -t 0 || $force -eq 1 ]] && interactive="-f"
+ 
+ 	if [[ $move -eq 1 ]]; then
+-		mv $interactive -v "$old_path" "$new_path" || exit 1
+		mv $interactive "$old_path" "$new_path" || exit 1
+ 		[[ -e "$new_path" ]] && reencrypt_path "$new_path"
+ 
+ 		if [[ -d $GIT_DIR && ! -e $old_path ]]; then
+@@ -545,7 +552,7 @@ cmd_copy_move() {
+ 		fi
+ 		rmdir -p "$old_dir" 2>/dev/null
+ 	else
+-		cp $interactive -r -v "$old_path" "$new_path" || exit 1
+		cp $interactive -r "$old_path" "$new_path" || exit 1
+ 		[[ -e "$new_path" ]] && reencrypt_path "$new_path"
+ 		git_add_file "$new_path" "Copy ${1} to ${2}."
+ 	fi
--- a/security/password-store/pkg/DESCR
+++ b/security/password-store/pkg/DESCR
@ -0,0 +1,2 @@
+Lightweight commandline-based password manager. Uses pwgen, gpg and git to
+generate, securely store, synchronize and show stored passwords.
--- a/security/password-store/pkg/PLIST
+++ b/security/password-store/pkg/PLIST
@ -0,0 +1,36 @@
+@comment $OpenBSD: PLIST,v 1.1.1.1 2016/01/21 10:52:57 bentley Exp $
+bin/pass
+lib/password-store/
+lib/password-store/platform.sh
+@man man/man1/pass.1
+share/doc/password-store/
+share/doc/password-store/COPYING
+share/doc/password-store/README
+share/doc/password-store/related-projects.txt
+share/examples/password-store/
+share/examples/password-store/completion/
+share/examples/password-store/completion/pass.bash-completion
+@sample ${SYSCONFDIR}/bash_completion.d/pass-bash-completion.sh
+share/examples/password-store/completion/pass.fish-completion
+share/examples/password-store/completion/pass.zsh-completion
+share/examples/password-store/dmenu/
+share/examples/password-store/dmenu/README.md
+share/examples/password-store/dmenu/passmenu
+share/examples/password-store/emacs/
+share/examples/password-store/emacs/Cask
+share/examples/password-store/emacs/README.md
+share/examples/password-store/emacs/password-store.el
+share/examples/password-store/importers/
+share/examples/password-store/importers/1password2pass.rb
+share/examples/password-store/importers/fpm2pass.pl
+share/examples/password-store/importers/gorilla2pass.rb
+share/examples/password-store/importers/kedpm2pass.py
+share/examples/password-store/importers/keepass2pass.py
+share/examples/password-store/importers/keepassx2pass.py
+share/examples/password-store/importers/kwallet2pass.py
+share/examples/password-store/importers/lastpass2pass.rb
+share/examples/password-store/importers/pwsafe2pass.sh
+share/examples/password-store/importers/revelation2pass.py
+share/zsh/
+share/zsh/site-functions/
+share/zsh/site-functions/_pass