Merge branch 'release-0.6.0'

Gopkg.toml

@@ -31,7 +31,7 @@
 
 [[constraint]]
   name = "github.com/aws/aws-sdk-go"
-  version = "1.10.22"
+  version = "1.10.41"
 
 [[constraint]]
   name = "github.com/leonklingele/randomstring"
@@ -53,6 +53,10 @@
   name = "github.com/spf13/pflag"
   version = "1.0.0"
 
+[[constraint]]
+  name = "golang.leonklingele.de/securetemp"
+  version = "1.0.0"
+
 [[constraint]]
   branch = "master"
   name = "golang.org/x/crypto"

Makefile

@@ -29,11 +29,11 @@ dependencies:
 	@$(shell \
 		cd $(GOVENDOR) ; \
 		rm -rf src ; \
-		find . -mindepth 3 -maxdepth 3 -path ./src -prune -o -type d -print | \
+		find . -mindepth 2 -maxdepth 2 -path ./src -prune -o -type d -print | \
 		sed -e 's/.\///' | \
 		xargs -I{} sh -c ' \
 			mkdir -p "src/`dirname {}`" ; \
-			ln -sfn "../../../{}" "src/{}" ; \
+			ln -sfn "../../{}" "src/{}" ; \
 		' \
 	)
 	@mkdir -p $(shell dirname $(GOVENDOR)/src/$(GOPKG))

backends/disk.go

@@ -22,11 +22,6 @@ const (
 	defaultBackupTimeFormat = "2006-01-02_15-04-05"
 )
 
-var (
-	safePath string
-	homeDir  string
-)
-
 type DiskBackend struct {
 	path         string
 	backupConfig backupConfig
@@ -35,16 +30,16 @@ type DiskBackend struct {
 type fileInfoSlice []os.FileInfo
 
 func NewDiskBackend(config Config) (*DiskBackend, error) {
-	var err error
-	if homeDir, err = homedir.Dir(); err != nil {
+	homeDir, err := homedir.Dir()
+	if err != nil {
 		return nil, err
 	}
 
 	safePath, ok := config.Settings["path"].(string)
 	if ok {
 		safePath = formatHomeDir(safePath, homeDir)
 	} else {
-		safePath, err = defaultSafePath()
+		safePath, err = defaultSafePath(homeDir)
 		if err != nil {
 			return nil, err
 		}
@@ -73,11 +68,11 @@ func (db *DiskBackend) Load() ([]byte, error) {
 func (db *DiskBackend) Save(data []byte) error {
 	tmpFile := db.path + ".tmp"
 	if err := ioutil.WriteFile(tmpFile, data, defaultSafeFileMode); err != nil {
-		os.Remove(tmpFile)
+		_ = os.Remove(tmpFile)
 		return err
 	}
 	if err := os.Rename(tmpFile, db.path); err != nil {
-		os.Remove(tmpFile)
+		_ = os.Remove(tmpFile)
 		return err
 	}
 	return nil
@@ -132,7 +127,7 @@ func min(a, b int) int {
 func (db *DiskBackend) Backup() error {
 	if db.backupConfig.MaxFiles == 0 {
 		// Keep no backups
-		db.cleanOldBackups(0)
+		_ = db.cleanOldBackups(0)
 		return errors.ErrBackupDisabled
 	} else if db.backupConfig.MaxFiles > 0 {
 		// Subtract one as we are about to create another backup
@@ -169,7 +164,7 @@ func (db *DiskBackend) Backup() error {
 	return ioutil.WriteFile(backupPath, data, defaultSafeFileMode)
 }
 
-func defaultSafePath() (string, error) {
+func defaultSafePath(homeDir string) (string, error) {
 	safeDir := fmt.Sprintf("%s/%s", homeDir, defaultSafeDirName)
 
 	if _, err := os.Stat(safeDir); err != nil {

backends/s3.go

@@ -111,7 +111,7 @@ func (s *S3Backend) Load() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer result.Close()
+	defer result.Close() // nolint: errcheck
 
 	buf := bytes.NewBuffer(nil)
 	if _, err := io.Copy(buf, result); err != nil {
@@ -153,7 +153,7 @@ func (s *S3Backend) getObject(bucket, key string) (io.ReadCloser, error) {
 	return result.Body, nil
 }
 
-func (s *S3Backend) putObject(data *bytes.Reader, bucket, key string) error {
+func (s *S3Backend) putObject(data io.Reader, bucket, key string) error {
 	_, err := s.svc.PutObject(&s3.PutObjectInput{
 		Body:   aws.ReadSeekCloser(data),
 		Bucket: aws.String(bucket),

commands/add.go

@@ -6,6 +6,7 @@ import (
 	"github.com/bndw/pick/errors"
 	"github.com/bndw/pick/strings"
 	"github.com/bndw/pick/utils"
+	"github.com/bndw/pick/utils/clipboard"
 	"github.com/bndw/pick/utils/pswdgen"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -45,7 +46,7 @@ func Add(args []string, flags *pflag.FlagSet) error {
 
 	fmt.Println("Credential added")
 	if utils.Confirm("Copy password to clipboard", true) {
-		if err := utils.CopyToClipboard(account.Password); err != nil {
+		if err := clipboard.Copy(account.Password, safe.Config.General.Clipboard.ClearAfter); err != nil {
 			return err
 		}
 		fmt.Println(strings.PasswordCopiedToClipboard)

commands/cat.go

@@ -23,7 +23,7 @@ func init() {
 	rootCmd.AddCommand(cmd)
 }
 
-func printAccount(name string, account *safe.Account, showHistory bool) {
+func printAccount(account *safe.Account, showHistory bool) {
 	// Print header
 	if showHistory && account.History != nil {
 		history := account.History
@@ -74,7 +74,7 @@ func Cat(args []string, flags *pflag.FlagSet) error {
 		return err
 	}
 
-	printAccount(name, account, showHistory)
+	printAccount(account, showHistory)
 	return nil
 }
 

commands/clear_clipboard.go

@@ -0,0 +1,50 @@
+package commands
+
+import (
+	"strconv"
+	"time"
+
+	"github.com/bndw/pick/errors"
+	"github.com/bndw/pick/utils/clipboard"
+	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
+)
+
+func init() {
+	rootCmd.AddCommand(&cobra.Command{
+		Use:   "clear-clipboard [after-seconds] [must-match]",
+		Short: "Clear clipboard",
+		Long:  "The clear-clipboard command is used to clear the clipboard.",
+		Run: func(cmd *cobra.Command, args []string) {
+			runCommand(ClearClipboard, cmd, args)
+		},
+		Hidden: true,
+	})
+}
+
+func ClearClipboard(args []string, flags *pflag.FlagSet) error {
+	duration, match, err := parseClearClipboardArgs(args)
+	if err != nil {
+		return err
+	}
+	time.Sleep(duration)
+	return clipboard.ClearIfMatch(match)
+}
+
+func parseClearClipboardArgs(args []string) (duration time.Duration, match string, err error) {
+	if len(args) != 2 {
+		err = errors.ErrInvalidCommandUsage
+		return
+	}
+
+	var secs int64
+	secs, err = strconv.ParseInt(args[0], 10, 64)
+	if err != nil {
+		return
+	}
+	duration = time.Duration(secs) * time.Second
+
+	match = args[1]
+
+	return
+}

commands/copy.go

@@ -5,7 +5,7 @@ import (
 
 	"github.com/bndw/pick/errors"
 	"github.com/bndw/pick/strings"
-	"github.com/bndw/pick/utils"
+	"github.com/bndw/pick/utils/clipboard"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
 )
@@ -37,7 +37,7 @@ func Copy(args []string, flags *pflag.FlagSet) error {
 		return err
 	}
 
-	if err := utils.CopyToClipboard(account.Password); err != nil {
+	if err := clipboard.Copy(account.Password, safe.Config.General.Clipboard.ClearAfter); err != nil {
 		return err
 	}
 	fmt.Println(strings.PasswordCopiedToClipboard)

commands/edit.go

@@ -6,6 +6,7 @@ import (
 	"github.com/bndw/pick/errors"
 	"github.com/bndw/pick/strings"
 	"github.com/bndw/pick/utils"
+	"github.com/bndw/pick/utils/clipboard"
 	"github.com/bndw/pick/utils/pswdgen"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
@@ -40,7 +41,7 @@ func Edit(args []string, flags *pflag.FlagSet) error {
 
 	fmt.Println("Credential updated")
 	if utils.Confirm("Copy password to clipboard", true) {
-		if err := utils.CopyToClipboard(account.Password); err != nil {
+		if err := clipboard.Copy(account.Password, safe.Config.General.Clipboard.ClearAfter); err != nil {
 			return err
 		}
 		fmt.Println(strings.PasswordCopiedToClipboard)

commands/util.go

@@ -18,7 +18,7 @@ import (
 func runCommand(c func([]string, *pflag.FlagSet) error, cmd *cobra.Command, args []string) {
 	if err := c(args, cmd.Flags()); err != nil {
 		if err == errors.ErrInvalidCommandUsage {
-			cmd.Usage()
+			_ = cmd.Usage()
 			os.Exit(1)
 		}
 		os.Exit(handleError(err))
@@ -44,12 +44,12 @@ func (sl *safeLoader) RememberPassword() {
 
 func (sl *safeLoader) Load() (*safe.Safe, error) {
 	backendClient, err := newBackendClient()
-	if _, err := backendClient.Load(); err != nil {
-		return nil, builtinerrors.New("pick not yet initialized. Please run the init command first")
-	}
 	if err != nil {
 		return nil, err
 	}
+	if _, err := backendClient.Load(); err != nil {
+		return nil, builtinerrors.New("pick not yet initialized. Please run the init command first")
+	}
 	return sl.LoadWithBackendClient(backendClient)
 }
 
@@ -91,7 +91,7 @@ func initSafe() error {
 		return err
 	}
 
-	if _, err := backendClient.Load(); err == nil {
+	if _, err := backendClient.Load(); err == nil { // nolint: vetshadow
 		return builtinerrors.New("pick was already initialized")
 	}
 

config.toml.in

@@ -21,6 +21,9 @@
 #   #  - Decrease length via: Left-arrow key / "h"
 #   #  - Use current password: Enter key
 #   mode = "interactive"
+#   [general.clipboard]
+#   # Specifies the time after which the clipboard is cleared.
+#   clearAfter = "90s"
 
 
 ## Storage
@@ -35,7 +38,7 @@ type = "file"
   # The number of backups to keep.
   # Specify -1 to allow unlimited backups, 0 to not create backups at all.
   #max = 100
-  
+
 # type = "s3"
 #   [storage.settings]
 #   # Name of AWS S3 bucket

config/config.go

@@ -7,6 +7,7 @@ import (
 	"github.com/BurntSushi/toml"
 	"github.com/bndw/pick/backends"
 	"github.com/bndw/pick/crypto"
+	"github.com/bndw/pick/utils/clipboard"
 	"github.com/bndw/pick/utils/pswdgen"
 	"github.com/mitchellh/go-homedir"
 )
@@ -24,8 +25,9 @@ type Config struct {
 
 type generalConfig struct {
 	Password pswdgen.Config
-	// Warning: Deprecated. The PasswordLen field is required for backwards-compatiblity :(
+	// Warning: Deprecated. The PasswordLen field is required for backwards-compatibility :(
 	PasswordLen int
+	Clipboard   clipboard.Config
 }
 
 func Load(version string) (*Config, error) {
@@ -39,7 +41,8 @@ func Load(version string) (*Config, error) {
 		Storage:    backends.NewDefaultConfig(),
 		Encryption: crypto.NewDefaultConfig(),
 		General: generalConfig{
-			Password: pswdgen.NewDefaultConfig(),
+			Password:  pswdgen.NewDefaultConfig(),
+			Clipboard: clipboard.NewDefaultConfig(),
 		},
 	}
 	if _, err := os.Stat(configFile); err != nil {
@@ -55,7 +58,7 @@ func Load(version string) (*Config, error) {
 	}
 
 	config.Version = version
-	// Warning: Deprecated. The PasswordLen field is required for backwards-compatiblity :(
+	// Warning: Deprecated. The PasswordLen field is required for backwards-compatibility :(
 	if l := config.General.PasswordLen; l > 0 {
 		config.General.Password.Length = l
 	}

crypto/aes_gcm.go

@@ -22,7 +22,7 @@ type AESGCMSettings struct {
 	KeyDerivation string         `json:"keyderivation,omitempty" toml:"keyderivation"`
 	PBKDF2        *pbkdf2.PBKDF2 `json:"pbkdf2,omitempty" toml:"pbkdf2"`
 	Scrypt        *scrypt.Scrypt `json:"scrypt,omitempty" toml:"scrypt"`
-	// Warning: Deprecated. These three Pbkdf2 configs are required for backwards-compatiblity :(
+	// Warning: Deprecated. These three Pbkdf2 configs are required for backwards-compatibility :(
 	Pbkdf2Hash       string `json:"pbkdf2hash,omitempty" toml:"pbkdf2hash"`
 	Pbkdf2Iterations int    `json:"pbkdf2iterations,omitempty" toml:"pbkdf2iterations"`
 	Pbkdf2SaltLen    int    `json:"pbkdf2saltlen,omitempty" toml:"pbkdf2saltlen"`
@@ -103,33 +103,33 @@ func (c *AESGCMClient) deriveKeyWithSalt(password, salt []byte, keyLen int) ([]b
 	return c.keyDerivation.DeriveKeyWithSalt(password, salt, keyLen)
 }
 
-func (c *AESGCMClient) Decrypt(data []byte, password []byte) (plaintext []byte, err error) {
+func (c *AESGCMClient) Decrypt(data []byte, password []byte) ([]byte, error) {
 	var store AESGCMStore
 	if err := json.Unmarshal(data, &store); err != nil {
 		return nil, err
 	}
 
 	key, err := c.deriveKeyWithSalt(password, store.Salt, c.keyLen())
 	if err != nil {
-		return
+		return nil, err
 	}
 
 	ac, err := aes.NewCipher(key)
 	if err != nil {
-		return
+		return nil, err
 	}
 
 	gcm, err := cipher.NewGCM(ac)
 	if err != nil {
-		return
+		return nil, err
 	}
 
-	plaintext, err = gcm.Open(nil, store.Nonce, store.Ciphertext, nil)
+	plaintext, err := gcm.Open(nil, store.Nonce, store.Ciphertext, nil)
 	if err != nil {
 		return nil, errors.ErrSafeDecryptionFailed
 	}
 
-	return
+	return plaintext, nil
 }
 
 func (c *AESGCMClient) Encrypt(plaintext []byte, password []byte) (data []byte, err error) {