diff options
Diffstat (limited to 'lib')
| -rwxr-xr-x | lib/keyringer/actions/edit | 21 | ||||
| -rwxr-xr-x | lib/keyringer/actions/encrypt | 4 | ||||
| -rwxr-xr-x | lib/keyringer/actions/find | 2 | ||||
| -rwxr-xr-x | lib/keyringer/functions | 4 | 
4 files changed, 24 insertions, 7 deletions
| diff --git a/lib/keyringer/actions/edit b/lib/keyringer/actions/edit index ff220a1..3ccf977 100755 --- a/lib/keyringer/actions/edit +++ b/lib/keyringer/actions/edit @@ -38,12 +38,27 @@ fi  # Prompt  echo "Press any key to open the decrypted data with $APP, Ctrl-C to abort" -echo "WARNING: please make sure that $APP doesn't leak data to external applications os files" -read key +echo "WARNING: please make sure that $APP doesn't leak data to external applications or files" +echo "Press ENTER to continue" +read -s key  $APP "$TMPWORK" +# Wait for background process to finish +wait + +# Workaround for some applications running in client/server mode, handling open file requests +# to a daemon and exiting immediatelly, making keyringer guess the editing is over and the file +# must be encrypted again (See #49). +# +# Thus, we cannot just wipe the file and exit keyringer, as the user might have a buffered copy +# of the unencrypted file in the application, which can lead to information leakage if the user +# saves the file and leaves the editor. +echo "Press any key when done using the file and you're sure that $APP is closed." +read -s -n 1 +  # Encrypt again -$GPG --yes -o "$KEYDIR/$FILE" --use-agent --armor -e -s $(keyringer_recipients "$RECIPIENTS_FILE") "$TMPWORK" +export KEYRINGER_ADD_EXTENSION=false +keyringer_exec encrypt "$BASEDIR" "$FILE" "$TMPWORK"  # Check exit status  errcrypt="$?" diff --git a/lib/keyringer/actions/encrypt b/lib/keyringer/actions/encrypt index e9bf453..7415267 100755 --- a/lib/keyringer/actions/encrypt +++ b/lib/keyringer/actions/encrypt @@ -57,9 +57,11 @@ if [ ! -z "$3" ]; then      #      # Useful when opening files and the application needs the      # extension to guess the file type. -    if ! echo $BASEPATH | grep -q -e "\.$EXTENSION$"; then +    if [ "$KEYRINGER_ADD_EXTENSION" != "false" ] && ! echo $BASEPATH | grep -q -e "\.$EXTENSION$"; then        echo "Appending '$EXTENSION' into secret name..."        FILE="$BASEPATH.$EXTENSION" +    else +      FILE="$BASEPATH"      fi    else      FILE="$BASEPATH" diff --git a/lib/keyringer/actions/find b/lib/keyringer/actions/find index 21afc7a..9b18d66 100755 --- a/lib/keyringer/actions/find +++ b/lib/keyringer/actions/find @@ -15,5 +15,5 @@ shift  ARGS="`echo "$*" | sed -e "s|^/*||"`"  # Run find command -cd "$KEYDIR/$RELATIVE_PATH" && find -iname "*$ARGS*" | sed -e 's|^./||g' +cd "$KEYDIR/$RELATIVE_PATH" && find | grep -i "$ARGS" | sed -e 's|^./||g'  cd "$CWD" diff --git a/lib/keyringer/functions b/lib/keyringer/functions index ad18f44..50d01db 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -287,7 +287,7 @@ function keyringer_set_env {    # Avoid viminfo, see https://keyringer.pw/trac/ticket/50    if $EDITOR --help | grep -q -e "^VIM"; then      if ! echo $EDITOR | grep -q -- "-i NONE"; then -      EDITOR="$EDITOR -i NONE" +      EDITOR="$EDITOR -i NONE '+set nowritebackup' '+set nobackup'"      fi    fi @@ -436,7 +436,7 @@ function keyringer_get_file {    elif [ ! -f "$KEYDIR/$FILE" ]; then      # Try to find a similar file      count=0 -    candidates=(`keyringer_exec find "$BASEDIR" "$1*.asc"`) +    candidates=(`keyringer_exec find "$BASEDIR" | grep -i "$1" | grep -e '.asc$'`)      if [ ! -z "$candidates" ]; then        echo "Could not find exact match for \"$1\", please choose one of the following secrets:" | 
