tAllow overwriting secret using -f - safe - password protected secret keeper
(HTM) git clone git://git.z3bra.org/safe.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 0f6635934701f13688f1cad6556e3953bfa0f1ee
(DIR) parent e10074b11c87d7259672b053b6664b9765901189
(HTM) Author: Willy Goiffon <contact@z3bra.org>
Date: Tue, 19 Apr 2022 11:43:15 +0200
Allow overwriting secret using -f
Diffstat:
M safe.1 | 11 ++++++++++-
M safe.c | 12 +++++++++---
2 files changed, 19 insertions(+), 4 deletions(-)
---
(DIR) diff --git a/safe.1 b/safe.1
t@@ -9,7 +9,7 @@
.Op Fl hr
.Op Fl p Ar prompt
.Op Fl s Ar safe
-.Op Fl a
+.Op Fl af
.Ar secret
.Sh DESCRIPTION
.Nm
t@@ -39,6 +39,15 @@ Set the path to your safe as
.It Fl a Ar secret
Encrypt stdin to your safe as
.Ar secret .
+Use
+.Fl f
+to overwrite an existing secret.
+.It Fl f
+Force writing to
+.Ar secret
+if it exists.
+Implies
+.Fl a .
.It Fl k
Prompt user for password using an external program (see: SAFE_ASKPASS).
.Sh AGENT
(DIR) diff --git a/safe.c b/safe.c
t@@ -42,7 +42,7 @@ char *argv0;
void
usage(void)
{
- fprintf(stderr, "usage: %s [-hr] [-s safe] [-p prompt] [[-a] entry]\n", argv0);
+ fprintf(stderr, "usage: %s [-hr] [-s safe] [-p prompt] [[-af] entry]\n", argv0);
exit(1);
}
t@@ -374,7 +374,8 @@ readsecret(struct safe *s, int in, int out)
int
main(int argc, char *argv[])
{
- int fd, haskey = 0, hasmaster = 1, aflag = 0, rflag = 0, kflag = 0, ttyfd;
+ int aflag = 0, rflag = 0, kflag = 0, fflag = 0;
+ int fd, haskey = 0, hasmaster = 1, ttyfd;
char *prompt, *secret, *sockp, *safe = SAFE;
struct safe s;
struct rlimit rlim;
t@@ -384,6 +385,9 @@ main(int argc, char *argv[])
prompt = "password:";
ARGBEGIN {
+ case 'f':
+ fflag = 1;
+ /* FALLTHROUGH */
case 'a':
aflag = 1;
break;
t@@ -509,7 +513,9 @@ main(int argc, char *argv[])
if (aflag) {
mkdir_p(dirname(secret), 0700);
- fd = open(secret, O_WRONLY | O_CREAT | O_EXCL, 0600);
+
+ /* Prevent overwriting unless fflag is set */
+ fd = open(secret, O_WRONLY | O_CREAT | (fflag ? 0 : O_EXCL), 0600);
if (fd < 0)
err(1, "%s", secret);