Jason A. Donenfeld authored
Matthew writes:

    If the initial decrypt fails then the rest of the line shouldn't
    continue, as it won't be a properly decrypted password being
    re-encrypted and written over the existing passfile.

    One solution to this would be to enable pipefail (set -o pipefail) -
    either just before, or at the start of this script.  This would
    cause the failure of any of the commands in a pipe to set the return
    status of the whole pipeline to non-zero (the last failed command's
    return code is used).

We take his suggestion with this patch. While we're at it, we take a
little bit extra care (though not too much extra care) to select a more
random intermediate password, in case folks have a strange habit of
using a dot-new extension on files.

Suggested-by: Matthew Richardson <m.richardson@ed.ac.uk>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2eaca825
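
The failure mode described in the commit message above and the effect of `pipefail`, shown as an added example that is not code from this commit or from the project. `decrypt` and `encrypt` are constructed stand-ins for the real decryption and encryption commands, and the random temporary-name scheme is an assumption.

```bash
#!/usr/bin/env bash
# pipefail is a bash option; re-run under bash if another sh started us.
[ -n "$BASH_VERSION" ] || exec bash "$0" "$@"

# Constructed stand-ins for the decrypt and encrypt commands (no real crypto).
# decrypt fails on input it cannot read; encrypt accepts any input, even empty.
decrypt() { grep -q '^ENC:' "$1" || return 2; sed 's/^ENC://' "$1"; }
encrypt() { sed 's/^/ENC:/'; }

# Without pipefail: the pipeline's status is encrypt's, so a failed decrypt
# still reaches mv and the entry is replaced with re-encrypted nothing.
reencrypt_unsafe() {
    decrypt "$1" | encrypt > "$1.new" && mv "$1.new" "$1"
}

# With pipefail: any failing stage fails the pipeline, mv is skipped and the
# temporary file is removed. The temp name gets a random suffix (assumed
# scheme) so it does not collide with an entry that really ends in ".new".
reencrypt_safe() (
    set -o pipefail
    tmp="$1.tmp.$RANDOM.$RANDOM"
    decrypt "$1" | encrypt > "$tmp" && mv "$tmp" "$1" || { rm -f "$tmp"; exit 1; }
)

# Run one variant against a damaged entry (constructed sample input);
# prints "<exit status> <bytes left in the entry>".
demo() {
    dir=$(mktemp -d) || return 1
    printf 'corrupted\n' > "$dir/entry"
    status=0
    "$1" "$dir/entry" || status=$?
    size=$(wc -c < "$dir/entry" | tr -d ' ')
    rm -rf "$dir"
    echo "$status $size"
}

demo reencrypt_unsafe   # prints "0 0": reported success, entry emptied
demo reencrypt_safe     # prints "1 10": reported failure, entry untouched
```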