Index: kpw.d/kpw.c ================================================================== --- kpw.d/kpw.c +++ kpw.d/kpw.c @@ -10,10 +10,12 @@ * to STDIN of the binary that succeeds. * ? generates passwords * → kpw is unlikely to be portable to non-POSIX * systems, but should run fine on Linux as well * as BSDs with getrandom() support. + * → kpw has the following dependencies: + * - libsodium * ! for getrandom() to work with the version of * libc on my android phone, the getrandom() call * had to be converted to use the syscall() * interface. this is unlikely to cause problems, * but should be kept in mind. @@ -463,12 +465,14 @@ dbunlock(byte* priv_enc, byte* salt, byte* priv) { const size_t priv_sz = sizeof(key_priv); byte key [db_privkey_len]; /* is the private key loaded into memory? */ +#ifdef _SAVEKEY int shm = shmget(*((key_t*) salt), sizeof(key_priv), 0); if (shm == -1) { +#endif /* no key in memory - read password from stdin instead */ password dbpw; size_t pwlen; bad e = pwread(true, dbpw, &pwlen,_str("database key: ")); if (e != ok) return e; @@ -484,10 +488,11 @@ alert(a_debug, "attempting to decrypt private key"); for (size_t i = 0; i < sz(key); ++i) { priv[i] = priv_enc[i] ^ key[i]; } hexdump(priv, sz(key)); +#ifdef _SAVEKEY } else { /* found a key in memory; loading it into *priv */ alert(a_debug, "using saved key"); key_priv* saved = shmat(shm, 0, 0); if (saved == (void*)-1) @@ -494,10 +499,11 @@ return bad_shm; hexdump((byte*)saved, sizeof(key_priv)); memcpy(priv, saved, sizeof(key_priv)); shmdt(saved); } +#endif return ok; } enum bad @@ -612,10 +618,11 @@ if (sodium_init() < 0) return bad_lib_sodium_init; switch(op) { +# ifdef _SAVEKEY case logout: case keyin: { if (param != 0) return bad_syntax; int db = dbopen(O_RDONLY); @@ -648,10 +655,11 @@ shmctl(shm, IPC_RMID, NULL); } return ok; } +# endif case genpw: case addpw: { if (param == 0) return emit_usage( op == addpw ? " -a[p] []\n" : Index: kpw.d/makefile ================================================================== --- kpw.d/makefile +++ kpw.d/makefile @@ -2,11 +2,11 @@ cdeps = compose.c iaia.c tbl.c cpaths = $(cdeps:%=$(root)/clib/%) $(root)/kpw: kpw.c opt.inc err.inc $(cpaths) - $(cc) -I$(root) $< -lsodium $(l-shmem) -o $@ $(flags) $(cc-post) + $(cc) -I$(root) $< -lsodium -o $@ $(flags) $(cc-post) tab = cat $< | awk -v emit=$1 -F'\t+' -f $<.awk >> $@ opt.inc: optab optab.awk :>$@ Index: kpw.d/optab ================================================================== --- kpw.d/optab +++ kpw.d/optab @@ -10,12 +10,12 @@ r regen op = regen generate new password for existing account l lower mode = lower generate lowercase password m mix mode = mix generate mix-case password u upper mode = upper generate uppercase password s stupid-mode mode = stupid circumvent dumb pw restrictions -k install-key op = keyin install database key in session memory -o logout op = logout delete db key from session memory +k install-key op = keyin install database key in session memory _SAVEKEY +o logout op = logout delete db key from session memory _SAVEKEY n no-copy copy_pw = false print password instead of copying to clipboard _CLIPBOARD p print-pw print = true display passwords onscreen q quiet _g_alert_quiet = true hide non-fatal reports v verbose _g_debug_msgs = true display debug reports h help op = help display help text