func InsertFunc(args Args) {
PrepareFile()
fmt.Println("Inserting a new password record")
rec := PasssRecord{}
promt("Website: ")
fmt.Scanln(&rec.Website)
promt("Username: "******"Password: "******"Repeat: ")
pwd2 := string(gopass.GetPasswd())
if pwd == pwd2 {
rec.Password = pwd
break
} else {
fmt.Println("Entered passwords are different! Please try again.")
}
}
fmt.Println("Inserted a new record:")
rec.PrintHead()
Records = append(Records, rec)
EncryptAndSave()
}
func getPassword() (password string) {
fmt.Println("Password: "******"Error: %s", err)
return getPassword()
}
password = string(pwd)
if string(pwd) == "" {
fmt.Println("You did not provide a password. Please try again.")
return getPassword()
}
fmt.Println("Confirm password: "******"Error: %s", err)
return getPassword()
}
if password != string(confirm) {
fmt.Println("Password and confirmation do not match. Please try again.")
return getPassword()
}
return
}
func askForPassword(confirm bool) (password []byte, err error) {
for {
fmt.Printf("Enter passphrase: ")
password = gopass.GetPasswd()
if err != nil {
return
}
if !confirm {
break
}
var confirmation []byte
fmt.Printf("Confirm passphrase: ")
confirmation = gopass.GetPasswd()
if err != nil {
return
}
if len(password) == 0 {
fmt.Println("Empty password, please try again.")
clearBytes(confirmation)
continue
}
if bytes.Equal(password, confirmation) {
clearBytes(confirmation)
break
}
fmt.Println("Passphrases mismatch, please try again.")
clearBytes(confirmation)
clearBytes(password)
}
return
}
func addDBUser() {
reader := bufio.NewReader(os.Stdin)
name := ask(reader, "Name: ")
email := ask(reader, "Email ")
if !IsEmail(email) {
Log.Fatalf("%s is not a valid email address.", email)
}
fmt.Print("Password: "******"Confirm: ")
cpass := gopass.GetPasswd()
if string(pass) != string(cpass) {
Log.Fatal("Password and confirm do not match.")
}
user := &UserDb{
Name: name,
Email: email,
Password: string(pass),
}
err := CreateUser(user)
if err != nil {
Log.Fatal(err)
}
Log.Info("User created successfully.")
}
func main() {
var err error
flag.Parse()
state := shares.State{
StorageDir: StorageDir,
}
DatabaseDir := filepath.Join(StorageDir, "db")
state.Database, err = shares.NewDatabase(DatabaseDir)
if err != nil {
log.Printf("unable to open database: %s", err)
os.Exit(1)
}
name := flag.Arg(0)
if name == "" {
log.Printf("no user given")
os.Exit(1)
}
user, err := state.User(name)
if err == nil {
fmt.Printf("Loaded user %s\n", name)
} else if create == true {
user = state.NewUser(name)
fmt.Printf("created new user: %s\n", name)
} else {
fmt.Printf("unknown user: %s\n", name)
return
}
if chpasswd == true {
fmt.Printf("Enter current password:"******"Enter new password:"******"Enter new password again:")
if another := gopass.GetPasswd(); string(newPass) != string(another) {
fmt.Printf("new passwords did not match\n")
return
}
if !user.SetPassword(string(curPass), string(newPass)) {
fmt.Printf("failed to set password for new user")
return
}
fmt.Printf("successfully set new password for user %s\n", name)
}
if err = user.Save(); err != nil {
fmt.Printf("failed to save user after creation: %s\n", err)
return
}
}
func getPassword() (password string) {
fmt.Println("Password: "******"" {
fmt.Println("You did not provide a password. Please try again.")
return getPassword()
}
fmt.Println("Confirm password: "******"Password and confirmation do not match. Please try again.")
return getPassword()
}
return
}
func loginAction(c *cli.Context) {
reader := bufio.NewReader(os.Stdin)
fmt.Printf("URL: ")
ur, err := reader.ReadString('\n')
if err != nil {
logger.Fatal(err)
}
fmt.Printf("Username: "******"Password: ")
p := gopass.GetPasswd()
sUrl := strings.TrimSpace(string(ur[:]))
username := strings.TrimSpace(string(u[:]))
pass := strings.TrimSpace(string(p[:]))
cfg := &client.ShipyardConfig{
Url: sUrl,
Username: username,
}
m := client.NewManager(cfg)
token, err := m.Login(username, pass)
if err != nil {
logger.Fatal(err)
}
cfg.Token = token.Token
if err := saveConfig(cfg); err != nil {
logger.Fatal(err)
}
}
func main() {
if len(os.Args) != 2 {
fmt.Fprintln(os.Stderr, "Usage: genconfig <output.json>")
os.Exit(1)
}
var c Config
fmt.Print("Admin password: "******"FB App ID: ")
c.Secret = promptInput("FB Secret: ")
c.CallbackURI = promptInput("Landing URL (e.g. http://foo.com): ") + "/fblogin_done"
for {
tz := promptInput("Time zone (e.g. UTC, America/New_York): ")
if _, err := time.LoadLocation(tz); err != nil {
fmt.Println("Invalid time zone")
} else {
c.Timezone = tz
break
}
}
data, _ := json.Marshal(&c)
if err := ioutil.WriteFile(os.Args[1], data, 0700); err != nil {
fmt.Fprintln(os.Stderr, "Failed to write output:", err)
os.Exit(1)
}
}
func getPasswd() string {
p, err := gopass.GetPasswd()
if err != nil {
panic(err)
}
return string(p)
}
// Reads oauth tokens from disk if exist, else prompt for login
func authorize(force bool) {
conf, err := getRc()
client, err = api.NewPKClient(conf.URL)
if force || err != nil {
var username, password string
fmt.Printf("Email: ")
fmt.Scanln(&username)
fmt.Printf("Password: "******"Authorization error:", err)
return
}
conf.User = username
conf.AccessToken = client.AccessToken
conf.Expiration = client.TokenExpiration
if err := conf.saveRc(); err != nil {
panic(err)
}
} else {
client.AccessToken = conf.AccessToken
client.TokenExpiration = conf.Expiration
}
return
}
func serverCommand() cli.Command {
return cli.Command{
Name: "server",
Usage: "Run webservice",
Flags: serverFlags(),
Action: func(c *cli.Context) {
db_user := c.String("database-user")
db_host := c.String("database-host")
db := c.String("database")
fmt.Printf("%s@%s/%s password: "******"mysql", fmt.Sprintf("%s:%s@tcp(%s:%d)/%s",
db_user, string(db_pass), db_host, c.Int("database-port"), db))
if nil != err {
log.Fatal(err)
return
}
db_pass = []byte("")
defer ds.Close()
service := &atm.Server{
Ds: ds,
Object_host: c.String("object-host"),
Default_duration: int64(c.Duration("duration").Seconds()),
Nonces: atm.NewNonceStore(),
}
service.Run()
},
}
}
// ReadPassword reads password from standard input without echoing the characters.
// If mask is true, each chracter will be represented with astericks '*'. Note that
// this only works as expected when the standard input is a terminal.
func (s *Shell) ReadPassword(mask bool) string {
fmt.Fprint(s.writer, s.prompt)
if mask {
return string(gopass.GetPasswdMasked())
}
return string(gopass.GetPasswd())
}
func GetPass() string {
if data, errData := gopass.GetPasswd(); errData != nil {
return ``
} else {
return string(data)
}
}
//TODO 某种认证方法只有一个会被使用,需要多次猜测
func DialInConsole(addr string, username string) (client *ssh.Client, err error) {
//find cert file
pathList := certFilePathList()
authList := []ssh.AuthMethod{}
for _, path := range pathList {
clientKeyBytes, err := ioutil.ReadFile(path)
if err != nil {
if !os.IsNotExist(err) {
return nil, fmt.Errorf("[DialInConsole] ioutil.ReadFile() err:%s", err)
}
} else {
signer, err := ssh.ParsePrivateKey(clientKeyBytes)
if err != nil {
return nil, fmt.Errorf("[DialInConsole] ssh.ParsePrivateKey err:%s", err)
}
//clientKey := &keychain{signer}
authList = append(authList, ssh.PublicKeys(signer))
}
}
authList = append(authList, ssh.PasswordCallback(func() (secret string, err error) {
fmt.Printf("[ssh] password for %s@%s", username, addr)
secret = string(gopass.GetPasswd())
return
}))
clientConfig := &ssh.ClientConfig{
User: username,
Auth: authList,
}
client, err = ssh.Dial("tcp", addr, clientConfig)
if err != nil {
return nil, fmt.Errorf("[DialInConsole] Failed to dial: %s", err.Error())
}
return
}
func main() {
turnpike.Debug()
fmt.Println("Hint: the password is 'password'")
fmt.Print("Password: "******"Error getting the password:"******"ws://localhost:8000/ws", nil)
if err != nil {
log.Fatal(err)
}
c.Auth = map[string]turnpike.AuthFunc{"example-auth": exampleAuthFunc}
_, err = c.JoinRealm("turnpike.examples", nil)
if err != nil {
log.Fatal(err)
}
fmt.Println("Connected with auth")
time.Sleep(3 * time.Second)
fmt.Println("Disconnecting")
c.Close()
}
// passwordCallback is a function which returns the appropriate type of callback.
func (obj *Remotes) passwordCallback(user, host string) func() (string, error) {
timeout := nonInteractivePasswordTimeout // default
if obj.interactive { // return after a timeout if not interactive
timeout = -1 // unlimited when we asked for interactive mode!
}
cb := func() (string, error) {
passchan := make(chan string)
failchan := make(chan error)
go func() {
log.Printf("Remote: Prompting for %s@%s password...", user, host)
fmt.Printf("Password: "******"", e
case <-util.TimeAfterOrBlock(timeout):
return "", fmt.Errorf("Interactive timeout reached!")
}
}
return cb
}
func cliLogin(c *cli.Context) {
var u string
var user string
fmt.Printf("URL: ")
fmt.Scanf("%s", &u)
fmt.Printf("Username: "******"%s", &user)
fmt.Printf("Password: "******"Error logging in: %s", err)
}
if token == "" {
log.Fatal("An error occurred while logging in")
}
// save config
cfg := &Configuration{
URL: u,
Username: user,
Token: token,
}
saveConfig(cfg)
log.Info("Login successful")
}
func main() {
fmt.Println("Enter secret seed:")
seed := string(gopass.GetPasswd())
pubKey, chain, privKey := bitcoin.ComputeMastersFromSeed(seed)
fmt.Println("Derived pubkey: ", pubKey)
fmt.Println("Enter message to sign, ctrl-d ctrl-d when done:")
message, err := ioutil.ReadAll(os.Stdin)
if err != nil {
panic(err)
}
signature := bitcoin.SignMessage(privKey, string(message), true)
fmt.Printf(`
-----BEGIN BITCOIN SIGNED MESSAGE-----
%v
-----BEGIN BITCOIN SIGNATURE-----
Version: Bitcoin-qt (1.0)
PublicKey: %v
Chain: %v
%v
-----END BITCOIN SIGNATURE-----
`, string(message), pubKey, chain, signature)
}
func commandCreateUser() cli.Command {
return cli.Command{
Name: "createuser",
Usage: "createuser",
Description: "Create a new user account. The email address and password are prompted to enter.",
Action: func(c *cli.Context) {
failOnError(c, checkZeroArgument(c))
key := make([]byte, 32)
salt := make([]byte, 10)
if _, err := rand.Read(key); err != nil {
failOnError(c, err)
}
if _, err := rand.Read(salt); err != nil {
failOnError(c, err)
}
fmt.Print("Email: ")
var email string
fmt.Scanf("%s\n", &email)
fmt.Print("Password: "******"HMAC_SHA1", key, nil))
u, err = getUserByIdentifier(u.Email)
failOnError(c, err)
fmt.Println(">> user created:")
printUser(u)
},
}
}
func (key *MasterKey) passphrasePrompt(keys []openpgp.Key, symmetric bool) ([]byte, error) {
conn, err := gpgagent.NewConn()
if err == gpgagent.ErrNoAgent {
fmt.Println("gpg-agent not found, continuing with manual passphrase input...")
fmt.Print("Enter PGP key passphrase: ")
pass, err := gopass.GetPasswd()
if err != nil {
return nil, err
}
for _, k := range keys {
k.PrivateKey.Decrypt(pass)
}
return pass, err
}
if err != nil {
return nil, fmt.Errorf("Could not establish connection with gpg-agent: %s", err)
}
defer conn.Close()
for _, k := range keys {
req := gpgagent.PassphraseRequest{
CacheKey: k.PublicKey.KeyIdShortString(),
Prompt: "Passphrase",
Desc: fmt.Sprintf("Unlock key %s to decrypt sops's key", k.PublicKey.KeyIdShortString()),
}
pass, err := conn.GetPassphrase(&req)
if err != nil {
return nil, fmt.Errorf("gpg-agent passphrase request errored: %s", err)
}
k.PrivateKey.Decrypt([]byte(pass))
return []byte(pass), nil
}
return nil, fmt.Errorf("No key to unlock")
}
func main() {
var (
showUser bool
)
fmt.Printf("ldap uid (eg. jvehent)> ")
scanner := bufio.NewScanner(os.Stdin)
scanner.Scan()
if err := scanner.Err(); err != nil {
log.Fatal(err)
}
uid := scanner.Text()
fmt.Printf("ldap password> ")
pass, err := gopass.GetPasswd()
if err != nil {
log.Fatal(err)
}
cli, err := mozldap.NewClient(
"ldap://ldap.db.scl3.mozilla.com/dc=mozilla",
fmt.Sprintf("mail=%[email protected],o=com,dc=mozilla", uid),
fmt.Sprintf("%s", pass),
&tls.Config{InsecureSkipVerify: true},
true)
flag.BoolVar(&showUser, "u", false, "Show memberships of a users identified by their ID")
flag.Parse()
if len(os.Args) == 0 {
fmt.Printf("missing groups\nusage: %s <groupid> <groupid>\nusage: %s -u <userid> <userid>",
os.Args[0], os.Args[0])
os.Exit(1)
}
if err != nil {
log.Fatal(err)
}
var udns []string
if showUser {
for _, uid := range flag.Args() {
dn, err := cli.GetUserDNById(uid)
if err != nil {
log.Fatal(err)
}
udns = append(udns, dn)
}
} else {
udns, err = cli.GetUsersInGroups(flag.Args())
if err != nil {
log.Fatal(err)
}
}
for _, udn := range udns {
fmt.Printf("\n%s\n", udn)
groups, err := cli.GetGroupsOfUser(udn)
if err != nil {
log.Fatal(err)
}
for i, group := range groups {
fmt.Printf("%d\t%s\n", i, group)
}
fmt.Printf("====================================\n")
}
}
// createUser creates a new superuser, asking for a username and password.
func createUser(ctx *cli.Context) {
var username, email, password, confirmPassword string
for {
fmt.Print("Username: "******"unexpected newline" {
fmt.Println(err)
}
if username == "" {
fmt.Println("Username cannot be blank")
} else {
break
}
}
// email is optional
fmt.Print("Email: ")
_, err := fmt.Scanln(&email)
if err != nil && err.Error() != "unexpected newline" {
fmt.Println(err)
}
for {
fmt.Print("Password: "******"Confirm Password: "******"" {
fmt.Println("Password cannot be blank")
} else if password != confirmPassword {
fmt.Println("Passwords must match")
} else {
break
}
}
user := auth.User{Username: username, Email: email, Active: true, Superuser: true}
user.SetPassword(password)
db.DB.Create(&user)
}
func parse() (username string, hosts []string, pass string) {
username = os.Args[1]
hosts = strings.Split(os.Args[2], ",")
fmt.Printf("Password: ")
pass = string(gopass.GetPasswd())
return
}
func readPassword(prompt string) string {
fmt.Fprint(os.Stderr, prompt)
password, err := gopass.GetPasswd()
if err != nil {
panic(err)
}
return string(password)
}
func getPass() string {
if *PassPhrase != "" {
return *PassPhrase
} else {
fmt.Print("Enter passphrase: ")
return string(gopass.GetPasswd())
}
}
func (pr *Prompter) PromptMasked(caption string) string {
os.Stderr.WriteString(caption)
text, err := gopass.GetPasswd()
os.Stderr.WriteString("\r")
if err != nil {
log.Fatalln(err)
}
return string(text)
}
// ReadPassword reads password from standard input without echoing the characters.
// If mask is true, each character will be represented with asterisks '*'. Note that
// this only works as expected when the standard input is a terminal.
func (s *Shell) ReadPassword(mask bool) string {
if s.showPrompt {
s.Print(s.prompt)
}
if mask {
return string(gopass.GetPasswdMasked())
}
return string(gopass.GetPasswd())
}
// Password prompt.
func Password(prompt string, args ...interface{}) string {
fmt.Printf(prompt+": ", args...)
var buf, err = gopass.GetPasswd()
if err != nil {
return ""
}
s := string(buf[0:])
return s
}
func getPasswd(u *quimby.User) {
fmt.Printf("password: "******"again: ")
b2, err := gopass.GetPasswd()
if err != nil {
log.Fatal(err)
}
p2 := string(b2)
if p1 != p2 {
log.Fatal("passwords don't match")
}
u.Password = p1
}
// Print a password prompt on the terminal and collect a password
func GetPEMPassword(pemFile string) []byte {
fmt.Printf("Password for %s: ", pemFile)
pass, err := gopass.GetPasswd()
if err != nil {
// We'll error with an incorrect password at DecryptPEMBlock
return []byte("")
}
return pass
}