1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
|
#!/usr/bin/env mksh
# $MirOS: contrib/hosted/tg/code/kwalletcli/kwalletaskpass,v 1.12 2025/12/14 08:04:53 tg Exp $
#-
# Copyright © 2009, 2010, 2011, 2014, 2025
# mirabilos <m$(date +%Y)@mirbsd.de>
#
# Provided that these terms and disclaimer and all copyright notices
# are retained or reproduced in an accompanying document, permission
# is granted to deal in this work without restriction, including un‐
# limited rights to use, publicly perform, distribute, sell, modify,
# merge, give away, or sublicence.
#
# This work is provided “AS IS” and WITHOUT WARRANTY of any kind, to
# the utmost extent permitted by applicable law, neither express nor
# implied; without malicious intent or gross negligence. In no event
# may a licensor, author or contributor be held liable for indirect,
# direct, other damage, loss, or other issues arising in any way out
# of dealing in the work, even if advised of the possibility of such
# damage or existence of a defect, except proven that it results out
# of said person’s immediate fault when using the work as intended.
if (( $# != 1 )); then
print -ru2 'E: wrong number of arguments'
exit 127
fi
# or e.g. en_US.UTF-8 or en_US.utf8 or the likes, depends on your OS
# choose one that is always available and uses UTF-8/CESU-8 encoding
substlocale=C.UTF-8 # sync with manpage ENVIRONMENT section
# ensure the UTF-8 locale is running and LC_CTYPE is populated
if command -v locale >/dev/null 2>&1; then
# expand LANG/LC_*/LC_ALL to LC_*
x=$(locale | sed -n '/^LC_/s//export &/p')
if [[ -n $x ]]; then
eval "$x"
unset LANG LC_ALL
else
print -ru2 -- 'E: expanding locale failed; result:'
locale 2>&1 | sed 's/^/N: /' >&2
if [[ -n $LC_ALL ]]; then
export LC_CTYPE=$LC_ALL
elif [[ -z $LC_CTYPE && -n $LANG ]]; then
export LC_CTYPE=$LANG
fi
fi
if ! y=$(locale charmap); then
print -ru2 -- "E: locale charmap command failed: result='$y'"
y=
fi
if [[ $y != @(utf|UTF|cesu|CESU)?(-)8 ]]; then
print -ru2 -- "W: no UTF-8 locale; switching to $substlocale"
if [[ -n $x ]]; then
export LC_CTYPE=$substlocale
else
export LC_CTYPE=$substlocale LC_ALL=$substlocale
unset LANG
fi
[[ $(locale charmap 2>&1) = @(utf|UTF|cesu|CESU)?(-)8 ]] || \
print -ru2 -- 'W: still no UTF-8 locale!'
fi
elif [[ ${LC_ALL:-${LC_CTYPE:-${LANG}}} != ?(*[!A-Za-z0-9])@(utf|UTF|cesu|CESU)?(-)8?([!A-Za-z0-9]*) ]]; then
print -ru2 -- "W: no locale(1), no UTF-8 locale; switching to $substlocale"
export LC_CTYPE=$substlocale LC_ALL=$substlocale
unset LANG
else
export LC_CTYPE=${LC_ALL:-${LC_CTYPE:-${LANG}}}
fi
set -U # regardless
rv=1
trywallet=0
[[ -n $DISPLAY ]] && case $1 in
('Enter PIN for CA'*)
;;
('Enter passphrase for '*|'Password for '*|'Enter PIN for'*@(authenticator|key)*)
trywallet=1 ;;
esac
if (( trywallet )); then
blist=$(kwalletcli -q -f kwalletaskpass-blacklist -e "${1#Enter }")
[[ $blist = yes* ]] && trywallet=0
fi
if (( trywallet )); then
pw=$(kwalletcli -q -f kwalletaskpass -e "${1#Enter }")
rv=$?
fi
# whitelist of known binary queries
barg=
[[ $1 = 'Allow shared connection to '* || \
$1 = 'Add key '*' to agent?'* || \
$1 = 'Disable further multiplexing'* || \
$1 = 'Terminate shared connection to '* || \
$1 = 'Open '*' on '*'?' || \
$1 = 'Something behind the ssh-agent-filter '*'requested use of the key named '* || \
$1 = 'Allow forward to '* || \
$1 = 'Allow use of key '* ]] && barg=-b
if (( rv )); then
pw=$(kwalletcli_getpin -q $barg -t "$1")
rv=$?
if (( rv == 0 && trywallet )); then
q=${1#Enter }
q=${q%%:*([ ])}
if kwalletcli_getpin -qb -t "Store $q in the KDE Wallet?"; then
kwalletcli -q -f kwalletaskpass \
-e "${1#Enter }" -p "$pw"
else
kwalletcli -q -f kwalletaskpass-blacklist \
-e "${1#Enter }" -p yes
fi
fi
fi
case $rv {
(0) print -r -- "$pw"
exit 0 ;;
(1) exit 1 ;;
(*) exit 3 ;;
}
|
