diff options
-rwxr-xr-x | icevault | 53 |
1 files changed, 29 insertions, 24 deletions
@@ -22,17 +22,9 @@ use warnings; our $VERSION = '0.1'; use Getopt::Long qw/:config posix_default no_ignore_case gnu_compat bundling auto_version/; -use Digest (); use Encode qw/decode_utf8 encode_utf8/; -use File::Copy 'move'; -use File::Path 'make_path'; -use File::Temp (); use I18N::Langinfo (); -use IO::Socket::UNIX 'SOCK_STREAM'; -use IPC::Open2 'open2'; -use JSON qw/decode_json encode_json/; -use List::Util qw/all any first min none/; -use YAML::Tiny (); # XXX use Tiny::YAML instead? +use List::Util qw/any first min none/; # Clean up PATH, and set TMPDIR to a ramdisk's mountpoint if possible @@ -173,12 +165,14 @@ sub connect($) { myprintf \*STDERR, "Using socket C<%s>", $sockname if $CONFIG{debug}; } - $SOCKET = IO::Socket::UNIX::->new( Type => SOCK_STREAM(), Peer => $sockname ) + require 'IO/Socket/UNIX.pm'; + $SOCKET = IO::Socket::UNIX->new( Type => IO::Socket::UNIX::SOCK_STREAM(), Peer => $sockname ) or error "Can't connect to socket C<%s>: %s", $sockname, $!; # get the URI greeting; don't perform domain validation (it's done # by the browser), but ensure that it doesn't contain non-graphical # chars, : or / + require 'JSON.pm'; my $uri = getResponse(); $uri =~ s/\A([A-Za-z0-9-]+:\/\/[^\P{Graph}:\/]+(?::\d+)?)(?:\/.*)?\z/$1/ or error "Invalid URI C<%s>", $uri; @@ -198,7 +192,7 @@ sub getResponse() { myprintf \*STDERR, "S: %s", decode_utf8 $buf if $CONFIG{debug}; my ($code, $msg) = split / /, $buf, 2; # allow $msg to be decoded to a string - $msg = JSON::->new->utf8->allow_nonref->decode($msg) if defined $msg; + $msg = JSON->new->utf8->allow_nonref->decode($msg) if defined $msg; if ($code eq 'OK') { return $msg; } @@ -250,7 +244,7 @@ sub fill($$@) { if defined $fill[$i]; } - sendCommand('FILL', $idx, encode_json \@fill); + sendCommand('FILL', $idx, JSON::encode_json(\@fill)); } # Parse a scheme://hostname(:port)?/identity, and return the associated @@ -272,6 +266,7 @@ sub getIdentityFile($) { sub loadIdentityFile($) { my $file = shift; myprintf \*STDERR, "Decrypting identity file C<%s>", $file if $CONFIG{debug}; + require 'YAML/Tiny.pm'; # XXX use Tiny::YAML instead? my $pid = open my $fh, '-|', $CONFIG{gpg}, qw/-o - --decrypt --/, $file or error "Can't fork: %s", $!; @@ -289,22 +284,27 @@ sub saveIdentityFile($$) { my ($form, $file) = @_; $form->{fields} = [ grep defined, @{$form->{fields}} ]; # remove undefined fields myprintf \*STDERR, "Saving identity file C<%s>", $file if $CONFIG{debug}; + require 'File/Copy.pm'; + require 'File/Path.pm'; + require 'File/Temp.pm'; + require 'IPC/Open2.pm'; + require 'YAML/Tiny.pm'; # XXX use Tiny::YAML instead? # don't encrypt directly into the destination $file so we don't # end up with a messed up $file if something goes wrong - my $outfh = File::Temp::->new(SUFFIX => '.gpg', UNLINK => 0, TMPDIR => 1); - my $pid = open2 ">&".$outfh->fileno, my $infh, - $CONFIG{gpg}, qw/-o - --no-encrypt-to --recipient/, $CONFIG{keyid}, '--encrypt' + my $outfh = File::Temp->new(SUFFIX => '.gpg', UNLINK => 0, TMPDIR => 1); + my $pid = IPC::Open2::open2(">&".$outfh->fileno, my $infh, $CONFIG{gpg}, + qw/-o - --no-encrypt-to --recipient/, $CONFIG{keyid}, '--encrypt') or error "Can't fork: %s", $!; - print $infh encode_utf8(YAML::Tiny::Dump $form); # dump the form as UTF8 + print $infh encode_utf8(YAML::Tiny::Dump($form)); # dump the form as UTF8 close $infh; waitpid $pid, 0; error "C<%s> exited with value %d", $CONFIG{gpg}, ($? >> 8) if $? and $? != -1; $outfh->close; my $parent_dir = $file =~ s/\/[^\/]+$//r; - make_path $parent_dir unless -d $parent_dir; # create parent directories recursively - move $outfh->filename, $file or error "Can't move C<%s>: %s", $outfh->filename, $!; + File::Path::make_path $parent_dir unless -d $parent_dir; # create parent directories recursively + File::Copy::move $outfh->filename, $file or error "Can't move C<%s>: %s", $outfh->filename, $!; # TODO: git add $file; git commit } @@ -424,7 +424,8 @@ sub promptYN($;$) { sub sha256_file($) { my $filename = shift; - my $sha256 = Digest::->new('SHA-256'); + require 'Digest.pm'; + my $sha256 = Digest->new('SHA-256'); open my $fh, '<', $filename or error "Can't open C<%s>: %s", $filename, $!; $sha256->addfile($fh); close $fh; @@ -715,7 +716,8 @@ elsif ($command eq 'dump') { my $form = loadIdentityFile $file; $_->{value} = safeValue($_) foreach @{$form->{fields}}; # redact the passwords - print STDOUT (defined $LOCALE ? $LOCALE->encode(YAML::Tiny::Dump $form) : YAML::Tiny::Dump $form); + my $str = YAML::Tiny::Dump($form); + print STDOUT (defined $LOCALE ? $LOCALE->encode($str) : $str) } elsif ($command eq 'edit') { @@ -723,18 +725,21 @@ elsif ($command eq 'edit') { my $id = shift; my $file = getIdentityFile $id; error "No such identity C<%s>", $id unless -f $file; + require 'File/Copy.pm'; + require 'File/Temp.pm'; error "C<%s> is not set", '$EDITOR' unless defined $ENV{EDITOR}; $ENV{EDITOR} =~ /\A(\p{Print}+)\z/ or error "Insecure C<%s>", "\$EDITOR"; my $EDITOR = $1; # untaint $EDITOR - my $fh = File::Temp::->new(SUFFIX => '.yaml', UNLINK => 0, TMPDIR => 1); + my $fh = File::Temp->new(SUFFIX => '.yaml', UNLINK => 0, TMPDIR => 1); END { unlink $fh->filename if defined $fh; } # never leave cleartext lying around myprintf \*STDERR, "Decrypting identity file C<%s>", $file if $CONFIG{debug}; # XXX use loadIdentityFile open my $NULL, '<', '/dev/null'; - my $pid = open2(">&".$fh->fileno, "<&".fileno($NULL), $CONFIG{gpg}, qw/-o - --decrypt --/, $file) + require 'IPC/Open2.pm'; + my $pid = IPC::Open2::open2(">&".$fh->fileno, "<&".fileno($NULL), $CONFIG{gpg}, qw/-o - --decrypt --/, $file) or error "Can't fork: %s", $!; waitpid $pid, 0; error "C<%s> exited with value %d", $CONFIG{gpg}, ($? >> 8) if $? and $? != -1; @@ -752,7 +757,7 @@ elsif ($command eq 'edit') { # don't encrypt directly into the destination $file so we don't # end up with a messed up $file if something goes wrong myprintf "Saving user changes for identity C<%s>", $id; - my $outfh = File::Temp::->new(SUFFIX => '.gpg', UNLINK => 0, TMPDIR => 1); + my $outfh = File::Temp->new(SUFFIX => '.gpg', UNLINK => 0, TMPDIR => 1); my $pid = open2(">&".$outfh->fileno, "<&".fileno($NULL), $CONFIG{gpg}, qw/-o - --no-encrypt-to --recipient/, $CONFIG{keyid}, '--encrypt', '--', $fh->filename) @@ -761,7 +766,7 @@ elsif ($command eq 'edit') { error "C<%s> exited with value %d", $CONFIG{gpg}, ($? >> 8) if $? and $? != -1; $outfh->close; - move $outfh->filename, $file or error "Can't move C<%s>: %s", $outfh->filename, $!; + File::Copy::move $outfh->filename, $file or error "Can't move C<%s>: %s", $outfh->filename, $!; } close $NULL; |