aboutsummaryrefslogtreecommitdiff
path: root/overlays/pass
diff options
context:
space:
mode:
Diffstat (limited to 'overlays/pass')
-rw-r--r--overlays/pass/default.nix8
-rw-r--r--overlays/pass/pass-fix-pass-init.patch42
-rw-r--r--overlays/pass/pass.json14
3 files changed, 64 insertions, 0 deletions
diff --git a/overlays/pass/default.nix b/overlays/pass/default.nix
new file mode 100644
index 0000000..df42cf1
--- /dev/null
+++ b/overlays/pass/default.nix
@@ -0,0 +1,8 @@
1self: super: {
2 pass = (super.pass.withExtensions (exts: [ exts.pass-otp ])).overrideAttrs (old:
3 self.mylibs.fetchedGit ./pass.json // {
4 patches = old.patches ++ [ ./pass-fix-pass-init.patch ];
5 }
6 );
7
8}
diff --git a/overlays/pass/pass-fix-pass-init.patch b/overlays/pass/pass-fix-pass-init.patch
new file mode 100644
index 0000000..10a76c1
--- /dev/null
+++ b/overlays/pass/pass-fix-pass-init.patch
@@ -0,0 +1,42 @@
1From 33e8f1cd0065639a948d7b5ba3f93d43bdf7f3be Mon Sep 17 00:00:00 2001
2From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
3Date: Sun, 11 Nov 2018 19:47:33 +0100
4Subject: [PATCH] Fix pass init for some gpg keys
5
6This fixes the pass init for gpg keys which have their main key as
7encryption key. This may happen for instance with RSA keys and specific
8configuration.
9---
10 src/password-store.sh | 2 +-
11 tests/t0300-reencryption.sh | 2 +-
12 2 files changed, 2 insertions(+), 2 deletions(-)
13
14diff --git a/src/password-store.sh b/src/password-store.sh
15index d89d455..44d122e 100755
16--- a/src/password-store.sh
17+++ b/src/password-store.sh
18@@ -124,7 +124,7 @@ reencrypt_path() {
19 IFS=";" eval 'GPG_RECIPIENTS+=( $group )' # http://unix.stackexchange.com/a/92190
20 unset "GPG_RECIPIENTS[$index]"
21 done
22- gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
23+ gpg_keys="$($GPG $PASSWORD_STORE_GPG_OPTS --list-keys --with-colons "${GPG_RECIPIENTS[@]}" | sed -n 's/^[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u)"
24 fi
25 current_keys="$(LC_ALL=C $GPG $PASSWORD_STORE_GPG_OPTS -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$passfile" 2>&1 | sed -n 's/^gpg: public key is \([A-F0-9]\+\)$/\1/p' | LC_ALL=C sort -u)"
26
27diff --git a/tests/t0300-reencryption.sh b/tests/t0300-reencryption.sh
28index 3c88987..57d873f 100755
29--- a/tests/t0300-reencryption.sh
30+++ b/tests/t0300-reencryption.sh
31@@ -7,7 +7,7 @@ cd "$(dirname "$0")"
32 INITIAL_PASSWORD="will this password live? a big question indeed..."
33
34 canonicalize_gpg_keys() {
35- $GPG --list-keys --with-colons "$@" | sed -n 's/sub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
36+ $GPG --list-keys --with-colons "$@" | sed -n 's/[ps]ub:[^:]*:[^:]*:[^:]*:\([^:]*\):[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[^:]*:[a-zA-Z]*e[a-zA-Z]*:.*/\1/p' | LC_ALL=C sort -u
37 }
38 gpg_keys_from_encrypted_file() {
39 $GPG -v --no-secmem-warning --no-permission-warning --decrypt --list-only --keyid-format long "$1" 2>&1 | grep "public key is" | cut -d ' ' -f 5 | LC_ALL=C sort -u
40--
412.19.1
42
diff --git a/overlays/pass/pass.json b/overlays/pass/pass.json
new file mode 100644
index 0000000..a4638c1
--- /dev/null
+++ b/overlays/pass/pass.json
@@ -0,0 +1,14 @@
1{
2 "tag": "d29a389-master",
3 "meta": {
4 "name": "password-store",
5 "url": "https://git.zx2c4.com/password-store/",
6 "branch": "master"
7 },
8 "git": {
9 "url": "https://git.zx2c4.com/password-store/",
10 "rev": "d29a389a40524c684595f51bb937f66958bc14ea",
11 "sha256": "17g43i0if9nggcq6005iyxxy9my8s15ihc2nzwjgqzhy3svh5xvn",
12 "fetchSubmodules": true
13 }
14}