Since gopass 1.10, reading secrets via "gopass <secret-name>" will yield a deprecation
warning which _run_pass() will stumble over. As it turns out - even "pass" can be called
with "pass show <secret-name>", so the fix will be compatible with both gopass and pass.
Refs #5690
Currently qute-pass works only if PASSWORD_STORE_DIR is not ending by
slash character (on unix).
find_pass_candidates compute pass_path = path[len(password_store_path)+1:]
where +1 is used to count an extra slash.
So if PASSWORD_STORE_DIR ends by slash we count it twice, leading to
failure.
Signed-off-by: Abdel Benamrouche <abdel@unxp.fr>
The new CLI-switch --mode makes qute-pass compatible with the gopass
password store (https://github.com/gopasspw/gopass). While gopass itself is
mostly compatible with pass, it offers the possibility to mount multiple shared
password stores. qute-pass way of just traversing PASSWORD_STORE_DIR won't help
in that case.
Closes#5142
Currently, qute-pass can only be used if the domain is either a public
domain (which means that its suffix needs to be included in the Public
Suffix List [PSL]), or if an IPv4 address is used.
Some uses might want to use qute-pass to login into the web interface of
their router, printer, NAS or other network-enabled device that is only
accessible from the local network. However, currently users to need
to remember or bookmark the IPv4 addresses of these devices.
If a local DNS server is used to assign domains like "mydevice.local" to
these devices, qute-pass won't work because all potential targets are
empty:
>>> tldextract.extract('https://mydevice.local')
ExtractResult(subdomain='mydevice', domain='local', suffix='')
>>> tldextract.extract('https://mydevice.local').fqdn
''
>>> tldextract.extract('https://mydevice.local').registered_domain
''
>>> tldextract.extract('https://mydevice.local').ipv4
''
This adds an additional potential target by joining subdomain and domain
if (and only if) the suffix is empty.
when using the 'username-taget secret' option, the supplied
regex 'username-pattern' will only scan the first line of the
secret file.
you could specify a username-pattern with '\n', but this will
break if the position of the username is not consistent.
this change will implement re.search and the re.MULTILINE
option to search every line in a secrect file.
example:
--secret file
my_secret_password
username: my_username
--secret file
spawn --userscript qute-pass --username-target secret --username-pattern "^username: (.*)"
Florian Bruhin
Timothy DeHerrera
Joakim Klevmo Hansen
Sebastian Schulze
Jan Knížek
Abdel Benamrouche
Fredrik Lönnegren
lufte
Jan Holthuis
Brian Clemens
jtyers
wildente
cryzed
murchik