search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
scan: Added support for lastfm, fixed gui invocation, fixed utf8 title issues.
[clive-utils.git] / clivepass
blob3044a203af623804edf7bb6246cbc552a8c159e0
1 #!/usr/bin/env perl
2 # -*- coding: ascii -*-
3 ###########################################################################
4 # clivepass, the login password utility for clive
5 # Copyright (C) 2008 Toni Gundogdu.
6 #
7 # This file is part of clive-utils.
8 #
9 # clivepass is free software: you can redistribute it and/or modify
10 # it under the terms of the GNU General Public License as published by
11 # the Free Software Foundation, either version 3 of the License, or
12 # (at your option) any later version.
13 #
14 # clivepass is distributed in the hope that it will be useful,
15 # but WITHOUT ANY WARRANTY; without even the implied warranty of
16 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 # GNU General Public License for more details.
18 #
19 # You should have received a copy of the GNU General Public License
20 # along with clivepass. If not, see <http://www.gnu.org/licenses/>.
21 ###########################################################################
22
23 # Keep it simple.
24
25 use warnings;
26 use strict;
27
28 binmode(STDOUT, ":utf8");
29
30 use Crypt::PasswdMD5;
31 use Crypt::Twofish2;
32 use Config::Tiny;
33 use Crypt::Salt;
34 # Core modules:
35 use Digest::MD5 qw(md5_hex);
36 use MIME::Base64;
37 use Getopt::Long qw(:config bundling);
38 use File::Spec;
39 use File::Find;
40 use File::Path;
41 use Pod::Usage;
42 use Encode;
43
44 my $VERSION = "2.0.0";
45 my $CONFIGDIR = $ENV{CLIVEPASS_CONFIGDIR}
46 || File::Spec->catfile($ENV{HOME}, ".config/clivepass");
47 my $PASSWDFILE = File::Spec->catfile($CONFIGDIR, "passwd");
48
49 my %opts;
50 GetOptions(\%opts,
51 'create|c', 'add|a=s', 'get|g=s', 'edit|e=s', 'delete|d=s',
52 'show|s', 'manual|m', 'help|h', 'version|v' => \&print_version,
53 ) or pod2usage(1);
54
55 pod2usage(-exitstatus => 0, -verbose => 1) if $opts{help};
56 pod2usage(-exitstatus => 0, -verbose => 2) if $opts{manual};
57
58 main();
59
60 sub main {
61 mkpath( [$CONFIGDIR], 1, 0700 );
62
63 if ( $opts{add} ) { add_login(); }
64 elsif ( $opts{create} ) { create_passwd(); }
65 elsif ( $opts{edit} ) { edit_login(); }
66 elsif ( $opts{delete} ) { delete_login(); }
67 elsif ( $opts{get} ) { get_login(); }
68 elsif ( $opts{show} ) { show_logins(); }
69 else {
70 pod2usage(-exitstatus => 0, -verbose => 1);
71 }
72 }
73
74 sub create_passwd {
75 if ( -e $PASSWDFILE ) {
76 print "WARN: $PASSWDFILE exists already.\n"
77 . "WARN: You are about to overwrite the existing file.\n"
78 . "WARN: Hit ctrl-c now if that's not your intention.\n";
79 }
80 print "Creating $PASSWDFILE.\n";
81
82 my ($phrase, $again);
83 $phrase = getpass("Enter a new passphrase: ") while ( ! $phrase );
84 print "WARN: Consider using a longer passphrase.\n"
85 if ( length($phrase) < 8 );
86 $again = getpass("Re-enter the passphrase: ") while ( ! $again );
87
88 print STDERR "error: passphrases did not match\n" and exit
89 unless $phrase eq $again;
90
91 my $passwd = Config::Tiny->new;
92 $passwd->{_}->{phrase} = unix_md5_crypt($phrase, salt(8));
93 $passwd->write($PASSWDFILE);
94
95 return ( passwd => $passwd, phrase => $phrase );
96 }
97
98 sub verify_phrase {
99 my ($phrase_hash) = @_;
100
101 print STDERR "error: $PASSWDFILE: phrase hash not found\n" and exit
102 unless $phrase_hash;
103
104 my $phrase;
105 $phrase = getpass("Enter passphrase: ") while ( ! $phrase );
106
107 if ( unix_md5_crypt($phrase, $phrase_hash) ne $phrase_hash ) {
108 print STDERR "error: invalid passphrase\n";
109 exit;
110 }
111 return $phrase;
112 }
113
114 sub get_key {
115 my ($dupl_user) = @_;
116
117 print STDERR "error: $PASSWDFILE does not exist, use --create\n"
118 and exit if ( ! -e $PASSWDFILE );
119
120 my $passwd = Config::Tiny->read($PASSWDFILE);
121
122 if ( $dupl_user ) {
123 my ($id, $pwd) = lookup_login($passwd, $dupl_user);
124 print STDERR qq/error: login with the "$dupl_user" /
125 . "username exists already\n" and exit if $pwd;
126 }
127
128 my $phrase = verify_phrase($passwd->{_}->{phrase});
129 my $key = md5_hex($phrase);
130
131 return ($key, $passwd);
132 }
133
134
135 sub getpass {
136 if ( -t STDOUT ) {
137 system "stty -echo";
138 print shift;
139 }
140 chomp(my $passwd = <STDIN>);
141
142 if ( -t STDOUT ) {
143 print "\n";
144 system "stty echo";
145 }
146 return $passwd;
147 }
148
149 sub new_login {
150 my ($key, $passwd, $user) = @_;
151
152 my ($pwd, $again);
153 $pwd = getpass("Enter password for $user: ") while ( ! $pwd );
154 $again = getpass("Re-enter the password: ") while ( ! $again );
155
156 print STDERR "error: passwords did not match\n" and exit
157 unless $pwd eq $again;
158
159 my $c = Crypt::Twofish2->new($key, Crypt::Twofish2::MODE_CBC);
160
161 $passwd->{login}->{$user} =
162 encode_base64( $c->encrypt( pack('a16',$pwd) ) );
163
164 $passwd->write($PASSWDFILE);
165 }
166
167 sub add_login {
168 my ($key, $passwd) = get_key($opts{add});
169 new_login($key, $passwd, $opts{add});
170 }
171
172 sub edit_login {
173 my ($key, $passwd) = get_key();
174 my ($id, $pwd) = lookup_login($passwd, $opts{edit});
175
176 print STDERR qq/error: no such login with the "$opts{edit}" /
177 . "username exists\n" and exit unless $pwd;
178
179 print "WARN: Changing password for the login "
180 . qq/with the username "$id".\n/;
181
182 new_login($key, $passwd, $id);
183 }
184
185 sub get_login {
186 my ($key, $passwd) = get_key();
187 my ($id, $pwd) = lookup_login($passwd, $opts{get});
188
189 print STDERR qq/error: no such login with the "$opts{get}" /
190 . "username exists\n" and exit unless $pwd;
191
192 my $c = Crypt::Twofish2->new($key, Crypt::Twofish2::MODE_CBC);
193 print "login: " .$opts{get}."=". $c->decrypt(decode_base64($pwd)) ."\n";
194 }
195
196 sub show_logins {
197 my $passwd = Config::Tiny->read($PASSWDFILE);
198 foreach ( $passwd->{login} ) {
199 while ( my ($id, $pwd) = each(%{$_}) ) {
200 printf "%20s = %-32s\n", $id, $pwd;
201 }
202 }
203 }
204
205 sub delete_login {
206 my ($key, $passwd) = get_key();
207 my ($id, $pwd) = lookup_login($passwd, $opts{delete});
208
209 print STDERR qq/error: no such login with the "$opts{delete}" /
210 . "username exists\n" and exit unless $pwd;
211
212 print "WARN: About to delete the login with the username "
213 . qq/"$id".\n/ ."> Confirm delete (y/N): ";
214
215 chomp(my $confirm = <STDIN>);
216 exit unless $confirm eq "y";
217
218 delete $passwd->{login}->{$id};
219 $passwd->write($PASSWDFILE);
220 }
221
222 sub lookup_login {
223 my ($passwd, $user) = @_;
224
225 foreach ( $passwd->{login} ) {
226 while ( my ($id, $pwd) = each(%{$_}) ) {
227 if ( $id eq $user ) {
228 return ($id,$pwd);
229 }
230 }
231 }
232 }
233
234 sub print_version {
235 my $perl_v = sprintf "%vd", $^V;
236 print
237 "clivepass version $VERSION. Copyright (C) 2008 Toni Gundogdu.
238
239 Perl: $perl_v ($^O)
240 Modules:
241 * Crypt::PasswdMD5/$Crypt::PasswdMD5::VERSION\t* Crypt::Twofish2/$Crypt::Twofish2::VERSION
242 * Crypt::Salt/$Crypt::Salt::VERSION\t\t* Config::Tiny/$Config::Tiny::VERSION
243
244 Core modules:
245 * Getopt::Long/$Getopt::Long::VERSION\t\t* Encode/$Encode::VERSION
246 * File::Spec/$File::Spec::VERSION\t\t* File::Find/$File::Find::VERSION
247 * Pod::Usage/$Pod::Usage::VERSION\t\t* Digest::MD5/$Digest::MD5::VERSION
248 * MIME::Base64/$MIME::Base64::VERSION
249
250 This program comes with ABSOLUTELY NO WARRANTY. You may redistribute copies of
251 clivepass under the terms of the GNU General Public License as published by the
252 Free Software Foundation, either version 3 of the License, or (at your option)
253 any later version. You should have received a copy of the General Public License
254 along with this program. If not, see http://www.gnu.org/licenses/.
255 "; exit;
256 }
257
258 __END__
259
260 =head1 NAME
261
262 clivepass - the login password utility for clive
263
264 =head1 SYNOPSIS
265
266 clivepass [option]...
267
268 =head1 DESCRIPTION
269
270 clivepass is an utility that can be used to create and change passwords
271 for websites used by L<clive(1)>. The passwords are encrypted and saved
272 along with the username information. Access is restricted by using a
273 global passphrase.
274
275 Historically, a similar utility, clive-passwd, was part of clive 1.x but
276 was written in Python instead of Perl.
277
278 =head1 OPTIONS
279
280 B<Basic Options>
281
282 =over 4
283
284 =item B<-h --help>
285
286 Show help and exit.
287
288 =item B<-v --version>
289
290 Show version and exit.
291
292 =item B<-c --create>
293
294 Create a new passwd file. See also L</FILES>.
295
296 =item B<-a --add=>I<username>
297
298 Add a new login with the I<username>.
299
300 =item B<-e --edit=>I<username>
301
302 Change login password for I<username>.
303
304 =item B<-g --get=>I<username>
305
306 Print the decrypted login password for the I<username>
307 to STDOUT.
308
309 =item B<-s --show>
310
311 Show all saved login usernames with encrypted passwords.
312
313 =item B<-d --delete=>I<username>
314
315 Delete the login with the I<username>.
316
317 =back
318
319 =head1 EXAMPLES
320
321 =over 4
322
323 =item % clivepass -a myusername
324
325 =item % clivepass -g myusername
326
327 =back
328
329 =head1 FILES
330
331 By default, clivepass searches the ~/.config/clivepass directory for the
332 password file. The B<CLIVEPASS_CONFIGDIR> environment variable can be used
333 to override this behaviour.
334
335 =over 4
336
337 =item ~/.config/clivepass/passwd
338
339 Password file. Contains the salted passphrase hash and login usernames and
340 encrypted passwords.
341
342 =head1 SEE ALSO
343
344 L<clive(1)> L<clivescan(1)> L<clivefeed(1)>
345
346 =head1 OTHER
347
348 Project: http://googlecode.com/p/clive-utils/
349
350 A clive-utils development repository can be obtained from:
351
352 % git clone git://repo.or.cz/clive-utils.git
353
354 Patches welcome.
355
356 =head1 AUTHOR
357
358 Written by Toni Gundogdu <legatvs@gmail.com>
359
360 =cut
Misc. utils for clive