summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSébastien Helleu <flashcode@flashtux.org>2021-02-06 16:07:14 +0100
committerSébastien Helleu <flashcode@flashtux.org>2021-02-06 16:07:14 +0100
commitf1c681c832b85178ad6242fd8b16f762510bdddd (patch)
tree2c08c3669fe235be1bb105962e6d6b905349eec1
parentfe9ec8fbda222492679762709733bd8f164455c7 (diff)
downloadweechat-f1c681c832b85178ad6242fd8b16f762510bdddd.zip
core: replace option sec.crypt.passphrase_file by sec.crypt.passphrase_command (closes #141)
The command is used to read the passphrase on startup, for example using your favorite password manager. Note: only the passphrase is read from the program, the secured data is still stored encrypted in sec.conf and handled by WeeChat itself.
-rw-r--r--ChangeLog.adoc1
-rw-r--r--ReleaseNotes.adoc23
-rw-r--r--doc/de/includes/autogen_user_commands.de.adoc62
-rw-r--r--doc/de/includes/autogen_user_options.de.adoc4
-rw-r--r--doc/de/weechat_user.de.adoc23
-rw-r--r--doc/en/includes/autogen_user_commands.en.adoc4
-rw-r--r--doc/en/includes/autogen_user_options.en.adoc4
-rw-r--r--doc/en/weechat_user.en.adoc22
-rw-r--r--doc/fr/includes/autogen_user_commands.fr.adoc4
-rw-r--r--doc/fr/includes/autogen_user_options.fr.adoc4
-rw-r--r--doc/fr/weechat_user.fr.adoc21
-rw-r--r--doc/it/includes/autogen_user_commands.it.adoc4
-rw-r--r--doc/it/includes/autogen_user_options.it.adoc4
-rw-r--r--doc/it/weechat_user.it.adoc23
-rw-r--r--doc/ja/includes/autogen_user_commands.ja.adoc44
-rw-r--r--doc/ja/includes/autogen_user_options.ja.adoc4
-rw-r--r--doc/ja/weechat_user.ja.adoc23
-rw-r--r--doc/pl/includes/autogen_user_commands.pl.adoc62
-rw-r--r--doc/pl/includes/autogen_user_options.pl.adoc4
-rw-r--r--doc/pl/weechat_user.pl.adoc23
-rw-r--r--po/cs.po62
-rw-r--r--po/de.po71
-rw-r--r--po/es.po62
-rw-r--r--po/fr.po63
-rw-r--r--po/hu.po71
-rw-r--r--po/it.po62
-rw-r--r--po/ja.po69
-rw-r--r--po/pl.po70
-rw-r--r--po/pt.po69
-rw-r--r--po/pt_BR.po61
-rw-r--r--po/ru.po71
-rw-r--r--po/tr.po37
-rw-r--r--po/weechat.pot29
-rw-r--r--src/core/wee-command.c17
-rw-r--r--src/core/wee-secure-config.c113
-rw-r--r--src/core/wee-secure-config.h2
36 files changed, 538 insertions, 754 deletions
diff --git a/ChangeLog.adoc b/ChangeLog.adoc
index fb194f720..767895d00 100644
--- a/ChangeLog.adoc
+++ b/ChangeLog.adoc
@@ -20,6 +20,7 @@ https://weechat.org/files/releasenotes/ReleaseNotes-devel.html[release notes]
New features::
+ * core: add option sec.crypt.passphrase_command to read passphrase from an external program on startup (issue #141)
* core: improve debug in command /eval: display more verbose debug with two "-d", add indentation and colors
* core: add options "setvar" and "delvar" in command /buffer, rename option "localvar" to "listvar"
* core: add buffer local variable "completion_default_template" (evaluated) to override the value of option "weechat.completion.default_template" (issue #1600)
diff --git a/ReleaseNotes.adoc b/ReleaseNotes.adoc
index 9017b296b..c26fa9775 100644
--- a/ReleaseNotes.adoc
+++ b/ReleaseNotes.adoc
@@ -20,6 +20,29 @@ https://weechat.org/files/changelog/ChangeLog-devel.html[ChangeLog]
[[v3.1]]
== Version 3.1 (under dev)
+[[v3.1_secure_data_passphrase_command]]
+=== External program to read secured data passphrase
+
+A new option `sec.crypt.passphrase_command` has been added to read the passphrase
+from the output of an external program (like a password manager).
+
+The option `sec.crypt.passphrase_file` has been removed, because the command
+can now read a file as well. If you used a file to read the passphrase, you
+must now setup the command like this:
+
+----
+/set sec.crypt.passphrase_command "cat ~/.weechat-passphrase"
+----
+
+For security reasons, it is of course highly recommended to use a password manager
+or a program to decrypt a file with your passphrase rather than using a file with
+the clear password. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
+
[[v3.1_command_buffer_listvar]]
=== List of buffer local variables
diff --git a/doc/de/includes/autogen_user_commands.de.adoc b/doc/de/includes/autogen_user_commands.de.adoc
index 64320b43e..c3b45fe01 100644
--- a/doc/de/includes/autogen_user_commands.de.adoc
+++ b/doc/de/includes/autogen_user_commands.de.adoc
@@ -1860,38 +1860,40 @@ Standardmäßig werden alle Konfigurationsdateien beim Ausführen des /quit Befe
set <name> <value>
del <name>
-passphrase: ändern der Passphrase (ohne Passphrase, werden die Daten in der Datei sec.conf in Klartext gesichert)
- -delete: löscht Passphrase
- decrypt: entschlüsselt Daten nachträglich (dies passiert nur falls die Passphrase beim Start nicht angegeben wurde)
- -discard: verwirft alle verschlüsselten Daten
- set: fügt eine schutzwürdige Information hinzu oder ändert eine bestehende
- del: entfernt eine schutzwürdige Information
-
-Ohne Angabe von Argumenten wird ein neuer Buffer geöffnet und die schutzwürdigen Informationen können dort eingesehen werden.
-
-Tastenbefehle für den secure-Buffer:
- alt+v Werte werden in Klartext angezeigt bzw. verborgen
-
-Wird eine Passphrase verwendet (Daten liegen verschlüsselt vor), fragt WeeChat beim Start die Passphrase ab.
-Setzt man die Umgebungsvariable "WEECHAT_PASSPHRASE", kann die Eingabeaufforderung der Passphrase beim Programmstart vermieden werden (diese Variable wird von WeeChat auch beim /upgrade verwendet). Es ist auch möglich in der Option sec.crypt.passphrase_file eine Datei anzugeben die die Passphrase beinhaltet (siehe /help sec.crypt.passphrase_file)
-
-schutzwürdige Daten mit dem Format ${sec.data.xxx} können wie folgt genutzt werden:
- - Befehl /eval.
- - Argument in der Befehlszeile für "--run-command"
- - Einstellung weechat.startup.command_{before|after}_plugins
- - weitere Optionen die Passwörter oder sensible Daten beinhalten (zum Beispiel: proxy, irc server und relay); nutze /help mit der entsprechenden Option um zu überprüfen ob die Daten evaluiert werden.
-
-Beispiele:
- festlegen eine Passphrase:
- /secure passphrase Dies ist meine Passphrase
- verschlüsselt freenode SASL Passwort:
- /secure set freenode meinPasswort
+passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf)
+ -delete: delete passphrase
+ decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup)
+ -discard: discard all data still encrypted
+ set: add or change secured data
+ del: delete secured data
+
+Without argument, this command displays secured data in a new buffer.
+
+Keys on secure buffer:
+ alt+v toggle values
+
+When a passphrase is used (data encrypted), it is asked by WeeChat on startup.
+It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command).
+
+Secured data with format ${sec.data.xxx} can be used in:
+ - command /eval
+ - command line argument "--run-command"
+ - options weechat.startup.command_{before|after}_plugins
+ - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated.
+
+Examples:
+ set a passphrase:
+ /secure passphrase this is my passphrase
+ use program "pass" to read the passphrase on startup:
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
+ encrypt freenode SASL password:
+ /secure set freenode mypassword
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
- verschlüsselt oftc Passwort für nickserv:
- /secure set oftc meinPasswort
+ encrypt oftc password for nickserv:
+ /secure set oftc mypassword
/set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}"
- Alternativbefehl um den eigenen Nick zu ghosten:
- /alias add ghost /eval /msg -server freenode nickserv ghost meinNick ${sec.data.freenode}
+ alias to ghost the nick "mynick":
+ /alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode}
----
[[command_weechat_set]]
diff --git a/doc/de/includes/autogen_user_options.de.adoc b/doc/de/includes/autogen_user_options.de.adoc
index 0321f5d9b..7b167fe93 100644
--- a/doc/de/includes/autogen_user_options.de.adoc
+++ b/doc/de/includes/autogen_user_options.de.adoc
@@ -16,8 +16,8 @@
** Werte: sha224, sha256, sha384, sha512
** Standardwert: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** Beschreibung: pass:none[Pfad zu einer Datei die die Passphrase enthält um damit schutzwürdige Daten zu ver- und entschlüsseln. Diese Einstellung findet nur Anwendung, wenn die Datei sec.conf gelesen wird. Es wird auch nur die erste Zeile eingelesen. Diese Datei wird nur verwendet, falls die Umgebungsvariable "WEECHAT_PASSPHRASE" nicht genutzt wird (die Umgebungsvariable besitzt eine höhere Priorität). Sicherheitshinweis: Es ist anzuraten dieser Datei nur für die eigene Person Leserechte zu gewähren und die Datei nicht im Heimatverzeichnis von WeeChat zu sichern (zum Beispiel im /home/ Order); Beispiel: "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** Beschreibung: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"]
** Typ: Zeichenkette
** Werte: beliebige Zeichenkette
** Standardwert: `+""+`
diff --git a/doc/de/weechat_user.de.adoc b/doc/de/weechat_user.de.adoc
index 312ed50bf..9aaf87ddc 100644
--- a/doc/de/weechat_user.de.adoc
+++ b/doc/de/weechat_user.de.adoc
@@ -2237,11 +2237,26 @@ da ansonsten die Daten in Klartext gesichert werden.
/secure passphrase Dies ist meine Passphrase
----
-Wenn eine Passphrase genutzt wird fragt WeeChat diese beim Programmstart
-ab (bei einem `/upgrade` ist dies nicht der Fall).
+// TRANSLATION MISSING
+===== Passphrase on startup
-Die Passphrase kann auch in einer Datei gesichert werden (siehe Option
-<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>).
+When a passphrase is set, WeeChat will ask you to enter it on startup
+(but not on `/upgrade`).
+
+If you are using a password manager, you can run an external program to read
+the passphrase instead of having to type it manually on WeeChat startup. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
+
+The program may ask you unlock your GPG key or enter another passphrase to
+read the secret. WeeChat will wait for the end of the command to read the
+passphrase on the standard output (it must be on the first line without any
+extra character). +
+If the output contains no passphrase or if it is wrong, WeeChat will then ask
+you to enter it.
[[secured_data_encryption]]
===== Verschlüsselung
diff --git a/doc/en/includes/autogen_user_commands.en.adoc b/doc/en/includes/autogen_user_commands.en.adoc
index ffcb3199d..5ceba339c 100644
--- a/doc/en/includes/autogen_user_commands.en.adoc
+++ b/doc/en/includes/autogen_user_commands.en.adoc
@@ -1873,7 +1873,7 @@ Keys on secure buffer:
alt+v toggle values
When a passphrase is used (data encrypted), it is asked by WeeChat on startup.
-It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_file to read the passphrase from a file (see /help sec.crypt.passphrase_file).
+It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command).
Secured data with format ${sec.data.xxx} can be used in:
- command /eval
@@ -1884,6 +1884,8 @@ Secured data with format ${sec.data.xxx} can be used in:
Examples:
set a passphrase:
/secure passphrase this is my passphrase
+ use program "pass" to read the passphrase on startup:
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
encrypt freenode SASL password:
/secure set freenode mypassword
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
diff --git a/doc/en/includes/autogen_user_options.en.adoc b/doc/en/includes/autogen_user_options.en.adoc
index 05d07fea8..1a71926d2 100644
--- a/doc/en/includes/autogen_user_options.en.adoc
+++ b/doc/en/includes/autogen_user_options.en.adoc
@@ -16,8 +16,8 @@
** values: sha224, sha256, sha384, sha512
** default value: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** description: pass:none[path to a file containing the passphrase to encrypt/decrypt secured data; this option is used only when reading file sec.conf; only first line of file is used; this file is used only if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); security note: it is recommended to keep this file readable only by you and store it outside WeeChat home (for example in your home); example: "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** description: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"]
** type: string
** values: any string
** default value: `+""+`
diff --git a/doc/en/weechat_user.en.adoc b/doc/en/weechat_user.en.adoc
index d39f6190e..3c52531d0 100644
--- a/doc/en/weechat_user.en.adoc
+++ b/doc/en/weechat_user.en.adoc
@@ -2199,11 +2199,25 @@ but highly recommended, otherwise data is stored as plain text in file.
/secure passphrase this is my passphrase
----
-When a passphrase is set, WeeChat will ask you to enter it on startup (but not
-on `/upgrade`).
+===== Passphrase on startup
-You can change this behavior and use a file with the passphrase (see option
-<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>).
+When a passphrase is set, WeeChat will ask you to enter it on startup
+(but not on `/upgrade`).
+
+If you are using a password manager, you can run an external program to read
+the passphrase instead of having to type it manually on WeeChat startup. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
+
+The program may ask you unlock your GPG key or enter another passphrase to
+read the secret. WeeChat will wait for the end of the command to read the
+passphrase on the standard output (it must be on the first line without any
+extra character). +
+If the output contains no passphrase or if it is wrong, WeeChat will then ask
+you to enter it.
[[secured_data_encryption]]
===== Encryption
diff --git a/doc/fr/includes/autogen_user_commands.fr.adoc b/doc/fr/includes/autogen_user_commands.fr.adoc
index 08876550b..1807f7d26 100644
--- a/doc/fr/includes/autogen_user_commands.fr.adoc
+++ b/doc/fr/includes/autogen_user_commands.fr.adoc
@@ -1873,7 +1873,7 @@ Les touches sur le tampon des données sécurisées :
alt+v afficher/cacher les valeurs
Lorsqu'une phrase de chiffrement est utilisée (données chiffrées), elle est demandée au démarrage de WeeChat.
-Il est possible de définir la variable d'environnement WEECHAT_PASSPHRASE pour éviter la demande (cette même variable est utilisée par WeeChat sur le /upgrade) ou de définir l'option sec.crypt.passphrase_file pour lire la phrase de chiffrement depuis un fichier (voir /help sec.crypt.passphrase_file).
+Il est possible de définir la variable d'environnement WEECHAT_PASSPHRASE pour éviter la demande (cette même variable est utilisée par WeeChat sur le /upgrade) ou de définir l'option sec.crypt.passphrase_command pour lire la phrase de chiffrement depuis la sortie d'une commande externe comme un gestionnaire de mots de passe (voir /help sec.crypt.passphrase_command).
Les données sécurisées avec le format ${sec.data.xxx} peuvent être utilisées dans :
- la commande /eval
@@ -1884,6 +1884,8 @@ Les données sécurisées avec le format ${sec.data.xxx} peuvent être utilisée
Exemples :
définir une phrase de chiffrement :
/secure passphrase ceci est ma phrase de chiffrement
+ utiliser le programme "pass" pour lire la phrase de chiffrement au démarrage :
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
chiffrer le mot de passe freenode SASL :
/secure set freenode motdepasse
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
diff --git a/doc/fr/includes/autogen_user_options.fr.adoc b/doc/fr/includes/autogen_user_options.fr.adoc
index e6ae57c62..95e72f792 100644
--- a/doc/fr/includes/autogen_user_options.fr.adoc
+++ b/doc/fr/includes/autogen_user_options.fr.adoc
@@ -16,8 +16,8 @@
** valeurs: sha224, sha256, sha384, sha512
** valeur par défaut: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** description: pass:none[chemin vers un fichier contenant la phrase de chiffrement pour (dé)chiffrer les données sécurisées ; cette option est utilisée seulement lors de la lecture du fichier sec.conf ; seulement la première ligne du fichier est utilisée ; ce fichier est utilisé seulement si la variable d'environnement "WEECHAT_PASSPHRASE" n'est pas définie (la variable d'environnement a une priorité plus haute) ; note de sécurité : il est recommandé de garder ce fichier en lecture seulement par vous et de le stocker en dehors du "home" WeeChat (par exemple dans votre "home") ; exemple : "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** description: pass:none[lire la phrase de chiffrement depuis la sortie de cette commande (seule la première ligne est utilisée et elle ne doit contenir aucun autre caractère) ; cette option est utilisée seulement pour lire le fichier sec.conf et si la variable d'environnement "WEECHAT_PASSPHRASE" n'est pas définie (la variable d'environnement a une priorité plus haute) ; exemple avec password-store : "pass show weechat/passphrase"]
** type: chaîne
** valeurs: toute chaîne
** valeur par défaut: `+""+`
diff --git a/doc/fr/weechat_user.fr.adoc b/doc/fr/weechat_user.fr.adoc
index 3a1fef984..f25289ec8 100644
--- a/doc/fr/weechat_user.fr.adoc
+++ b/doc/fr/weechat_user.fr.adoc
@@ -2275,12 +2275,27 @@ données sont stockées sous forme de texte en clair dans le fichier.
/secure passphrase ceci est ma phrase secrète
----
+// TRANSLATION MISSING
+===== Passphrase on startup
+
Lorsqu'une phrase secrète est définie, WeeChat vous demandera de la saisir lors
du démarrage (mais pas sur `/upgrade`).
-Vous pouvez modifier ce comportement et utiliser un fichier avec la phrase
-secrète (voir l'option
-<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>).
+Si vous utilisez un gestionnaire de mots de passe, vous pouvez lancer
+un programme externe pour lire la phrase de chiffrement au lieu d'avoir
+à l'entrer manuellement au démarrage de WeeChat. +
+Par exemple avec password-store (command `pass`) :
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
+
+Le programme peut vous demander de déverrouiller votre clé GPG ou d'entrer une
+autre phrase de chiffrement. WeeChat attendra la fin de la commande pour lire
+la phrase de chiffrement sur la sortie standard (elle doit être sur la première
+ligne et sans caractère supplémentaire). +
+Si la sortie ne contient pas de phrase de chiffrement ou si celle-ci est
+erronée, WeeChat vous demandera alors de la saisir.
[[secured_data_encryption]]
===== Chiffrement
diff --git a/doc/it/includes/autogen_user_commands.it.adoc b/doc/it/includes/autogen_user_commands.it.adoc
index 96a42df00..d417e0653 100644
--- a/doc/it/includes/autogen_user_commands.it.adoc
+++ b/doc/it/includes/autogen_user_commands.it.adoc
@@ -1873,7 +1873,7 @@ Keys on secure buffer:
alt+v toggle values
When a passphrase is used (data encrypted), it is asked by WeeChat on startup.
-It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_file to read the passphrase from a file (see /help sec.crypt.passphrase_file).
+It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command).
Secured data with format ${sec.data.xxx} can be used in:
- command /eval
@@ -1884,6 +1884,8 @@ Secured data with format ${sec.data.xxx} can be used in:
Examples:
set a passphrase:
/secure passphrase this is my passphrase
+ use program "pass" to read the passphrase on startup:
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
encrypt freenode SASL password:
/secure set freenode mypassword
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
diff --git a/doc/it/includes/autogen_user_options.it.adoc b/doc/it/includes/autogen_user_options.it.adoc
index 9a8d27a16..a7c74624c 100644
--- a/doc/it/includes/autogen_user_options.it.adoc
+++ b/doc/it/includes/autogen_user_options.it.adoc
@@ -16,8 +16,8 @@
** valori: sha224, sha256, sha384, sha512
** valore predefinito: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** descrizione: pass:none[path to a file containing the passphrase to encrypt/decrypt secured data; this option is used only when reading file sec.conf; only first line of file is used; this file is used only if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); security note: it is recommended to keep this file readable only by you and store it outside WeeChat home (for example in your home); example: "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** descrizione: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"]
** tipo: stringa
** valori: qualsiasi stringa
** valore predefinito: `+""+`
diff --git a/doc/it/weechat_user.it.adoc b/doc/it/weechat_user.it.adoc
index c685072e9..c4df291f2 100644
--- a/doc/it/weechat_user.it.adoc
+++ b/doc/it/weechat_user.it.adoc
@@ -2362,11 +2362,26 @@ but highly recommended, otherwise data is stored as plain text in file.
/secure passphrase this is my passphrase
----
-When a passphrase is set, WeeChat will ask you to enter it on startup (but not
-on `/upgrade`).
+// TRANSLATION MISSING
+===== Passphrase on startup
+
+When a passphrase is set, WeeChat will ask you to enter it on startup
+(but not on `/upgrade`).
+
+If you are using a password manager, you can run an external program to read
+the passphrase instead of having to type it manually on WeeChat startup. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
-You can change this behavior and use a file with the passphrase (see option
-<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>).
+The program may ask you unlock your GPG key or enter another passphrase to
+read the secret. WeeChat will wait for the end of the command to read the
+passphrase on the standard output (it must be on the first line without any
+extra character). +
+If the output contains no passphrase or if it is wrong, WeeChat will then ask
+you to enter it.
[[secured_data_encryption]]
===== Encryption
diff --git a/doc/ja/includes/autogen_user_commands.ja.adoc b/doc/ja/includes/autogen_user_commands.ja.adoc
index 7ed6214bf..36e67f1de 100644
--- a/doc/ja/includes/autogen_user_commands.ja.adoc
+++ b/doc/ja/includes/autogen_user_commands.ja.adoc
@@ -1860,37 +1860,39 @@ file: 保存する設定ファイル (拡張子 ".conf" は不要)
set <name> <value>
del <name>
-passphrase: パスフレーズを変更 (パスフレーズがない場合、sec.conf ファイルに平文でデータを保存します)
- -delete: パスフレーズを削除
- decrypt: 暗号化されているデータを復号化 (起動時にパスフレーズが設定されていない場合に起きます)
- -discard: 全ての暗号化データを破棄
- set: 保護データを追加または変更
- del: 保護データを削除
+passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf)
+ -delete: delete passphrase
+ decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup)
+ -discard: discard all data still encrypted
+ set: add or change secured data
+ del: delete secured data
-引数がない場合、新しいバッファに保護データを表示します。
+Without argument, this command displays secured data in a new buffer.
-保護バッファ内で利用可能なキー:
- alt+v 値を切り替えます
+Keys on secure buffer:
+ alt+v toggle values
-パスフレーズを利用する場合 (データが暗号化されている場合)、WeeChat は起動時にパスフレーズを尋ねます。
-入力を回避するには、環境変数 "WEECHAT_PASSPHRASE" を利用するか (WeeChat は /upgrade の時に同じ変数を利用します)、sec.crypt.passphrase_file オプションを設定してファイルからパスフレーズを読み込みます (/help sec.crypt.passphrase_file を参照してください)。
+When a passphrase is used (data encrypted), it is asked by WeeChat on startup.
+It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command).
-${sec.data.xxx} の形で書かれた保護データは以下の様に利用できます:
- - /eval コマンド
- - コマンドライン引数 "--run-command"
- - weechat.startup.command_{before|after}_plugins オプション
- - パスワードや機密データを含むと思われるその他のオプション (例えば、プロキシ、irc サーバ、リレー); 保護データが評価されるかを確認するには各オプションの /help を参照してください。
+Secured data with format ${sec.data.xxx} can be used in:
+ - command /eval
+ - command line argument "--run-command"
+ - options weechat.startup.command_{before|after}_plugins
+ - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated.
-例:
- パスフレーズを設定:
+Examples:
+ set a passphrase:
/secure passphrase this is my passphrase
- freenode の SASL パスワードを暗号化:
+ use program "pass" to read the passphrase on startup:
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
+ encrypt freenode SASL password:
/secure set freenode mypassword
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
- oftc の nickserv 用パスワードを暗号化:
+ encrypt oftc password for nickserv:
/secure set oftc mypassword
/set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}"
- ニックネーム "mynick" を取り戻すためのエイリアス ghost を設定
+ alias to ghost the nick "mynick":
/alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode}
----
diff --git a/doc/ja/includes/autogen_user_options.ja.adoc b/doc/ja/includes/autogen_user_options.ja.adoc
index 68df967e2..d66608719 100644
--- a/doc/ja/includes/autogen_user_options.ja.adoc
+++ b/doc/ja/includes/autogen_user_options.ja.adoc
@@ -16,8 +16,8 @@
** 値: sha224, sha256, sha384, sha512
** デフォルト値: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** 説明: pass:none[保護データを暗号化/複合化するためのパスフレーズを保存したファイルパス; このオプションは sec.conf ファイルを読むときだけに利用されます; ファイルの 1 行目だけが利用されます; このファイルは環境変数 "WEECHAT_PASSPHRASE" が設定されていないときだけに利用されます (環境変数のほうが優先順位が高いです); セキュリティ上の注意: このファイルを自分だけが読み込める状態にし、WeeChat ホームの外 (例えば自分のホームディレクトリ) に保存しておくことを推奨します; 例: "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** 説明: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"]
** タイプ: 文字列
** 値: 未制約文字列
** デフォルト値: `+""+`
diff --git a/doc/ja/weechat_user.ja.adoc b/doc/ja/weechat_user.ja.adoc
index ed13f719d..fa8a5961e 100644
--- a/doc/ja/weechat_user.ja.adoc
+++ b/doc/ja/weechat_user.ja.adoc
@@ -2244,11 +2244,26 @@ _sec.conf_
/secure passphrase this is my passphrase
----
-パスフレーズを設定した場合、WeeChat
-の起動時にパスフレーズの入力が求められるようになります (`/upgrade` 時には求められません)。
+// TRANSLATION MISSING
+===== Passphrase on startup
+
+When a passphrase is set, WeeChat will ask you to enter it on startup
+(but not on `/upgrade`).
+
+If you are using a password manager, you can run an external program to read
+the passphrase instead of having to type it manually on WeeChat startup. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
-この挙動を変更し、パスフレーズを保存したファイルを使うことも可能です
-(<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>> オプションを参照してください)。
+The program may ask you unlock your GPG key or enter another passphrase to
+read the secret. WeeChat will wait for the end of the command to read the
+passphrase on the standard output (it must be on the first line without any
+extra character). +
+If the output contains no passphrase or if it is wrong, WeeChat will then ask
+you to enter it.
[[secured_data_encryption]]
===== 暗号化
diff --git a/doc/pl/includes/autogen_user_commands.pl.adoc b/doc/pl/includes/autogen_user_commands.pl.adoc
index 02f3dd315..f335ad3c0 100644
--- a/doc/pl/includes/autogen_user_commands.pl.adoc
+++ b/doc/pl/includes/autogen_user_commands.pl.adoc
@@ -1859,38 +1859,40 @@ Domyślnie zapisywane na dysku są wszystkie pliki konfiguracyjne podczas wykony
set <nazwa> <wartość>
del <nazwa>
-passphrase: zmienia hasło (bez hasła dane są przechowywane w postaci tekstu w pliku sec.conf)
- -delete: kasuje hasło
- decrypt: rozszyfrowuje dane będące ciągle zaszyfrowane (zdarza się to tylko jeśli hasło nie zostało podane przy uruchomieniu)
- -discard: odrzuca wszystkie nadal zaszyfrowane dane
- set: dodaje lub zmienia zaszyfrowane dane
- del: kasuje zaszyfrowane dane
-
-Bez argumentu, komenda wyświetli zabezpieczone dane w nowym buforze.
-
-Kombinacje klawiszy w bezpiecznym buforze:
- alt+v przełącza wartości
-
-Jeśli używane jest hasło (dane zaszyfrowane), należy je podać podczas startu WeeChat.
-Jest możliwe ustawienie zmiennej środowiskowej "WEECHAT_PASSPHRASE", aby nie podawać hasła przy uruchomieniu (ta sama zmienna jest używana przez WeeChat podczas wykonywania /upgrade).
-
-Zabezpieczone dane w formacie ${sec.data.xxx} można użyć w:
- - komendzie /eval
- - argumencie w linii poleceń "--run-command"
- - opcjach weechat.startup.command_{before|after}_plugins
- - innych opcjach, które mogą zawierać hasło lub wrażliwe dane (na przykład proxy, serwer irc i relay); zobacz /help na opcjach żeby sprawdzić czy są przetwarzane.
-
-Przykłady:
- ustawienie hasła:
- /secure passphrase to jest moje hasło
- zaszyfrowanie hasła dla freenode SASL:
- /secure set freenode mojehasło
+passphrase: change the passphrase (without passphrase, data is stored as plain text in file sec.conf)
+ -delete: delete passphrase
+ decrypt: decrypt data still encrypted (it happens only if passphrase was not given on startup)
+ -discard: discard all data still encrypted
+ set: add or change secured data
+ del: delete secured data
+
+Without argument, this command displays secured data in a new buffer.
+
+Keys on secure buffer:
+ alt+v toggle values
+
+When a passphrase is used (data encrypted), it is asked by WeeChat on startup.
+It is possible to set environment variable "WEECHAT_PASSPHRASE" to prevent the prompt (this same variable is used by WeeChat on /upgrade), or to set option sec.crypt.passphrase_command to read the passphrase from the output of an external command like a password manager (see /help sec.crypt.passphrase_command).
+
+Secured data with format ${sec.data.xxx} can be used in:
+ - command /eval
+ - command line argument "--run-command"
+ - options weechat.startup.command_{before|after}_plugins
+ - other options that may contain a password or sensitive data (for example proxy, irc server and relay); see /help on the options to check if they are evaluated.
+
+Examples:
+ set a passphrase:
+ /secure passphrase this is my passphrase
+ use program "pass" to read the passphrase on startup:
+ /set sec.crypt.passphrase_command "pass show weechat/passphrase"
+ encrypt freenode SASL password:
+ /secure set freenode mypassword
/set irc.server.freenode.sasl_password "${sec.data.freenode}"
- zaszyfrowanie hasła dla nickserva na serwerze oftc:
- /secure set oftc mojehasło
+ encrypt oftc password for nickserv:
+ /secure set oftc mypassword
/set irc.server.oftc.command "/msg nickserv identify ${sec.data.oftc}"
- alias dla polecenia ghost dla nicka "mójnick":
- /alias ghost /eval /msg -server freenode nickserv ghost mójnick ${sec.data.freenode}
+ alias to ghost the nick "mynick":
+ /alias add ghost /eval /msg -server freenode nickserv ghost mynick ${sec.data.freenode}
----
[[command_weechat_set]]
diff --git a/doc/pl/includes/autogen_user_options.pl.adoc b/doc/pl/includes/autogen_user_options.pl.adoc
index 154756209..dc4ebfbb3 100644
--- a/doc/pl/includes/autogen_user_options.pl.adoc
+++ b/doc/pl/includes/autogen_user_options.pl.adoc
@@ -16,8 +16,8 @@
** wartości: sha224, sha256, sha384, sha512
** domyślna wartość: `+sha256+`
-* [[option_sec.crypt.passphrase_file]] *sec.crypt.passphrase_file*
-** opis: pass:none[ścieżka do pliku zawierającego hasło do szyfrowania/rozszyfrowywania zabezpieczonych danych; opcja ta jest używana tylko podczas odczytu pliku sec.conf; używana jest tylko pierwsza linia z tego pliku; plik jest używany tylko jeśli zmienna środowiskowa "WEECHAT_PASSPHRASE" nie została ustawiona (zmienna środowiskowa ma najwyższy priorytet); uwaga bezpieczeństwa: zaleca się trzymanie tego pliku poza katalogiem domowym WeeChat (np. w katalogu domowym) i nadanie mu praw do odczytu tylko przez siebie; przykład: "~/.weechat-passphrase"]
+* [[option_sec.crypt.passphrase_command]] *sec.crypt.passphrase_command*
+** opis: pass:none[read the passphrase from the output of this command (only the first line is used and it must not contain any extra character); this option is used only when reading file sec.conf and if the environment variable "WEECHAT_PASSPHRASE" is not set (the environment variable has higher priority); example with password-store: "pass show weechat/passphrase"]
** typ: ciąg
** wartości: dowolny ciąg
** domyślna wartość: `+""+`
diff --git a/doc/pl/weechat_user.pl.adoc b/doc/pl/weechat_user.pl.adoc
index bb878d30e..f3043c789 100644
--- a/doc/pl/weechat_user.pl.adoc
+++ b/doc/pl/weechat_user.pl.adoc
@@ -2213,11 +2213,26 @@ zwykły tekst.
/secure passphrase to jest moje hasło
----
-Kiedy hasło jest ustawione, WeeChat poprosi o jego podanie przy uruchomieniu
-(ale nie podczas `upgrade`).
+// TRANSLATION MISSING
+===== Passphrase on startup
+
+When a passphrase is set, WeeChat will ask you to enter it on startup
+(but not on `/upgrade`).
+
+If you are using a password manager, you can run an external program to read
+the passphrase instead of having to type it manually on WeeChat startup. +
+For example with password-store (command `pass`):
+
+----
+/set sec.crypt.passphrase_command "pass show weechat/passphrase"
+----
-Możesz zmienić to zachowanie i użyć pliku z zapisanym hasłem (zobacz opcję
-<<option_sec.crypt.passphrase_file,sec.crypt.passphrase_file>>).
+The program may ask you unlock your GPG key or enter another passphrase to
+read the secret. WeeChat will wait for the end of the command to read the
+passphrase on the standard output (it must be on the first line without any
+extra character). +
+If the output contains no passphrase or if it is wrong, WeeChat will then ask
+you to enter it.
[[secured_data_encryption]]
===== Szyfrowanie
diff --git a/po/cs.po b/po/cs.po
index 49aa517ae..12df525ca 100644
--- a/po/cs.po
+++ b/po/cs.po
@@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Ondřej Súkup <mimi.vx@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: cs\n"
@@ -915,6 +915,12 @@ msgstr "Heslo změněno"
msgid "Passphrase added"
msgstr "Heslo přidáno"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Chráněná data \"%s\" nastavena"
@@ -2434,8 +2440,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2448,6 +2455,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4360,10 +4369,6 @@ msgid ""
"To recover your secured data, you can use /secure decrypt (see /help secure)"
msgstr ""
-#, fuzzy, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%s%s: nemůžu parsovat soubor \"%s\""
-
#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4397,13 +4402,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "hash algoritmus použitý ke kontrole dešifrovaných dat"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -13210,34 +13213,3 @@ msgstr "%s%s: vypršel časový limit \"%s\" pro %s"
#, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: nemohu se připojit\" neočekávaná chyba (%d)"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sChyba: neznámé pole \"%s\""
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sChyba: nekorektní číslo bufferu"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sChyba: bufer nenalezen"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sChyba: filtr \"%s\" nenalezen"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sChyba: neznámé rozložení \"%s\""
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sChyba: neznámá proxy \"%s\""
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sChyba: nekorektní číslo"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sChyba: selhalo nastavení volby \"%s\""
-
-#, fuzzy
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sChyba: nekorektní číslo bufferu"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sChyba: plugin \"%s\" nenalezen"
diff --git a/po/de.po b/po/de.po
index 43a0f08bd..7f5b94ce8 100644
--- a/po/de.po
+++ b/po/de.po
@@ -24,8 +24,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2021-02-05 10:56+0100\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Nils Görs <weechatter@arcor.de>\n"
"Language-Team: German <kde-i18n-de@kde.org>\n"
"Language: de\n"
@@ -960,6 +960,12 @@ msgstr "Passphrase geändert"
msgid "Passphrase added"
msgstr "Passphrase hinzugefügt"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Schutzwürdige Information \"%s\" gesetzt"
@@ -2910,6 +2916,7 @@ msgstr ""
"passphrase <passphrase>|-delete || decrypt <passphrase>|-discard || set "
"<name> <value> || del <name>"
+#, fuzzy
msgid ""
"passphrase: change the passphrase (without passphrase, data is stored as "
"plain text in file sec.conf)\n"
@@ -2929,8 +2936,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2943,6 +2951,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -5285,10 +5295,6 @@ msgstr ""
"decrypt genutzt werden (siehe /help secure)"
#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%sWarnung: Passphrase kann nicht aus Datei \"%s\" gelesen werden"
-
-#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
"secure decrypt, see /help secure)"
@@ -5326,23 +5332,12 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "Hash-Algorithmus zur Überprüfung der verschlüsselten Daten"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
-"Pfad zu einer Datei die die Passphrase enthält um damit schutzwürdige Daten "
-"zu ver- und entschlüsseln. Diese Einstellung findet nur Anwendung, wenn die "
-"Datei sec.conf gelesen wird. Es wird auch nur die erste Zeile eingelesen. "
-"Diese Datei wird nur verwendet, falls die Umgebungsvariable "
-"\"WEECHAT_PASSPHRASE\" nicht genutzt wird (die Umgebungsvariable besitzt "
-"eine höhere Priorität). Sicherheitshinweis: Es ist anzuraten dieser Datei "
-"nur für die eigene Person Leserechte zu gewähren und die Datei nicht im "
-"Heimatverzeichnis von WeeChat zu sichern (zum Beispiel im /home/ Order); "
-"Beispiel: \"~/.weechat-passphrase\""
msgid ""
"use salt when generating key used in encryption (recommended for maximum "
@@ -15513,33 +15508,3 @@ msgstr "%s%s: Zeitüberschreitung für \"%s\" mit %s"
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr ""
"%s%s: Verbindung konnte nicht hergestellt werden: unerwarteter Fehler (%d)"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sFehler: Infobar \"%s\" ist unbekannt"
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sFehler: unzulässige Nummer für Buffer"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sFehler: Buffer nicht gefunden"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sFehler: Filter \"%s\" nicht gefunden"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sFehler: Layout\"%s\" nicht bekannt"
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sFehler: unbekannter Proxy \"%s\""
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sFehler: fehlerhafte Nummer"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sFehler: Einstellung \"%s\" konnte nicht gesetzt werden"
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sFehler: falsche Nummer für Fenster"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sFehler: die Erweiterung \"%s\" wurde nicht gefunden"
diff --git a/po/es.po b/po/es.po
index 45ebe2c64..8e0c715dd 100644
--- a/po/es.po
+++ b/po/es.po
@@ -22,8 +22,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Elián Hanisch <lambdae2@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: es\n"
@@ -909,6 +909,12 @@ msgstr ""
msgid "Passphrase added"
msgstr "Fecha agregada"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -2543,8 +2549,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2557,6 +2564,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4551,10 +4560,6 @@ msgid ""
"To recover your secured data, you can use /secure decrypt (see /help secure)"
msgstr ""
-#, fuzzy, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%s%s: no es posible analizar el archivo \"%s\""
-
#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4586,13 +4591,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -13491,34 +13494,3 @@ msgstr "%s%s: tiempo de espera máximo para \"%s\" con %s"
#, fuzzy, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: no es posible conectarse al transmisor"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sError: barra \"%s\" desconocida"
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sError: número del buffer incorrecto"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sError: buffer no encontrado"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sError: filtro \"%s\" no encontrado"
-
-#, fuzzy
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sError: barra \"%s\" desconocida"
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sError: proxy \"%s\" desconocido"
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sError: número incorrecto"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sError: no se pudo configurar la opción \"%s\""
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sError: número de ventana incorrecto"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sError: plugin \"%s\" no encontrado"
diff --git a/po/fr.po b/po/fr.po
index fae690e18..cd74abdaf 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-03 18:45+0100\n"
-"PO-Revision-Date: 2021-02-05 19:58+0100\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: fr\n"
@@ -945,6 +945,16 @@ msgstr "Phrase de chiffrement modifiée"
msgid "Passphrase added"
msgstr "Phrase de chiffrement ajoutée"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+"Important : un programme externe est configuré pour lire la phrase de "
+"chiffrement au démarrage (option sec.crypt.passphrase_command) ; vous devez "
+"vous assurer que ce programme retourne la phrase de chiffrement que vous "
+"venez de définir"
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Donnée sécurisée \"%s\" définie"
@@ -2859,8 +2869,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2873,6 +2884,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -2902,9 +2915,9 @@ msgstr ""
"demandée au démarrage de WeeChat.\n"
"Il est possible de définir la variable d'environnement WEECHAT_PASSPHRASE "
"pour éviter la demande (cette même variable est utilisée par WeeChat sur le /"
-"upgrade) ou de définir l'option sec.crypt.passphrase_file pour lire la "
-"phrase de chiffrement depuis un fichier (voir /help sec.crypt."
-"passphrase_file).\n"
+"upgrade) ou de définir l'option sec.crypt.passphrase_command pour lire la "
+"phrase de chiffrement depuis la sortie d'une commande externe comme un "
+"gestionnaire de mots de passe (voir /help sec.crypt.passphrase_command).\n"
"\n"
"Les données sécurisées avec le format ${sec.data.xxx} peuvent être utilisées "
"dans :\n"
@@ -2918,6 +2931,9 @@ msgstr ""
"Exemples :\n"
" définir une phrase de chiffrement :\n"
" /secure passphrase ceci est ma phrase de chiffrement\n"
+" utiliser le programme \"pass\" pour lire la phrase de chiffrement au "
+"démarrage :\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" chiffrer le mot de passe freenode SASL :\n"
" /secure set freenode motdepasse\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -5157,12 +5173,6 @@ msgstr ""
"secure decrypt (voir /help secure)"
#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr ""
-"%sAttention : impossible de lire la phrase de chiffrement dans le fichier "
-"\"%s\""
-
-#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
"secure decrypt, see /help secure)"
@@ -5200,23 +5210,18 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "algorithme de hash pour vérifier les données déchiffrées"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
-msgstr ""
-"chemin vers un fichier contenant la phrase de chiffrement pour (dé)chiffrer "
-"les données sécurisées ; cette option est utilisée seulement lors de la "
-"lecture du fichier sec.conf ; seulement la première ligne du fichier est "
-"utilisée ; ce fichier est utilisé seulement si la variable d'environnement "
-"\"WEECHAT_PASSPHRASE\" n'est pas définie (la variable d'environnement a une "
-"priorité plus haute) ; note de sécurité : il est recommandé de garder ce "
-"fichier en lecture seulement par vous et de le stocker en dehors du \"home\" "
-"WeeChat (par exemple dans votre \"home\") ; exemple : \"~/.weechat-passphrase"
-"\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
+msgstr ""
+"lire la phrase de chiffrement depuis la sortie de cette commande (seule la "
+"première ligne est utilisée et elle ne doit contenir aucun autre "
+"caractère) ; cette option est utilisée seulement pour lire le fichier sec."
+"conf et si la variable d'environnement \"WEECHAT_PASSPHRASE\" n'est pas "
+"définie (la variable d'environnement a une priorité plus haute) ; exemple "
+"avec password-store : \"pass show weechat/passphrase\""
msgid ""
"use salt when generating key used in encryption (recommended for maximum "
diff --git a/po/hu.po b/po/hu.po
index 7c0cc6436..eaefc59d9 100644
--- a/po/hu.po
+++ b/po/hu.po
@@ -20,8 +20,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Andras Voroskoi <voroskoi@frugalware.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: hu\n"
@@ -936,6 +936,12 @@ msgstr ""
msgid "Passphrase added"
msgstr ""
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -2167,8 +2173,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2181,6 +2188,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -3914,10 +3923,6 @@ msgid ""
"To recover your secured data, you can use /secure decrypt (see /help secure)"
msgstr ""
-#, fuzzy, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n"
-
#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -3949,13 +3954,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -12449,43 +12452,3 @@ msgstr "%s hiányzó argumentum a(z) \"%s\" opciónak\n"
#, fuzzy, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s DCC: nem sikerült kapcsolódni a küldőhöz\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%s ismeretlen billentyűparancs \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%s helytelen pufferszám\n"
-
-#, fuzzy
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%s a \"%s\" modul nem található\n"
-
-#, fuzzy
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%s a \"%s\" modul nem található\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%s ismeretlen billentyűparancs \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%s ismeretlen billentyűparancs \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%s helytelen pufferszám\n"
-
-#, fuzzy
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%s nem sikerült a modul opciókat elmenteni\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%s helytelen pufferszám\n"
-
-#, fuzzy
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%s a \"%s\" modul nem található\n"
diff --git a/po/it.po b/po/it.po
index 8bd5af587..fbe8ae3cc 100644
--- a/po/it.po
+++ b/po/it.po
@@ -20,8 +20,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Esteban I. Ruiz Moreno <exio4.com@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: it\n"
@@ -896,6 +896,12 @@ msgstr "Chiave di cifratura modificata"
msgid "Passphrase added"
msgstr "Chiave di cifratura aggiunta"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Dati sicuri \"%s\" impostati"
@@ -2589,8 +2595,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2603,6 +2610,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4677,11 +4686,6 @@ msgstr ""
"Per ripristinare i dati messi al sicuro, è possibile usare /secure decrypt "
"consultare /help secure)"
-#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr ""
-"%sAttenzione: impossibile leggere la chiave di cifratura dal file \"%s\""
-
#, fuzzy, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4716,13 +4720,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -13714,33 +13716,3 @@ msgstr "%s%s: timeout per \"%s\" con %s"
#, fuzzy, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: impossibile connettersi al mittente"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sErrore: barra \"%s\" sconosciuta"
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sErrore: nome buffer non corretto"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sErrore: buffer non trovato"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sErrore: filtro \"%s\" non trovato"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sErrore: layout \"%s\" sconosciuto"
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sErrore: proxy \"%s\" sconosciuto"
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sErrore: numero non corretto"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sErrore: impossibile impostare l'opzione \"%s\""
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sErrore: numero finestra non corretto"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sErrore: plugin \"%s\" non trovato"
diff --git a/po/ja.po b/po/ja.po
index cc09e7c69..5a8860e39 100644
--- a/po/ja.po
+++ b/po/ja.po
@@ -20,8 +20,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: AYANOKOUZI, Ryuunosuke <i38w7i3@yahoo.co.jp>\n"
"Language-Team: Japanese <https://github.com/l/weechat/tree/master/"
"translation/ja_JP>\n"
@@ -933,6 +933,12 @@ msgstr "パスフレーズを変更"
msgid "Passphrase added"
msgstr "パスフレーズを追加しました"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "保護データ \"%s\" を設定"
@@ -2730,6 +2736,7 @@ msgstr ""
"passphrase <passphrase>|-delete || decrypt <passphrase>|-discard || set "
"<name> <value> || del <name>"
+#, fuzzy
msgid ""
"passphrase: change the passphrase (without passphrase, data is stored as "
"plain text in file sec.conf)\n"
@@ -2749,8 +2756,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2763,6 +2771,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4901,10 +4911,6 @@ msgstr ""
"安全なデータを復号化するには、/secure decrypt を利用してください (/help "
"secure を参照してください)"
-#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%s警告: ファイル \"%s\" からパスフレーズを読み込めません"
-
#, fuzzy, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4939,21 +4945,12 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "復号化データをチェックするハッシュアルゴリズム"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
-"保護データを暗号化/複合化するためのパスフレーズを保存したファイルパス; このオ"
-"プションは sec.conf ファイルを読むときだけに利用されます; ファイルの 1 行目だ"
-"けが利用されます; このファイルは環境変数 \"WEECHAT_PASSPHRASE\" が設定されて"
-"いないときだけに利用されます (環境変数のほうが優先順位が高いです); セキュリ"
-"ティ上の注意: このファイルを自分だけが読み込める状態にし、WeeChat ホームの外 "
-"(例えば自分のホームディレクトリ) に保存しておくことを推奨します; 例: \"~/."
-"weechat-passphrase\""
msgid ""
"use salt when generating key used in encryption (recommended for maximum "
@@ -14516,33 +14513,3 @@ msgstr "%s%s: \"%s\" のタイムアウト %s"
#, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: 接続できません: 未定義のエラー (%d)"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sエラー: バー \"%s\" は未定義です"
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sエラー: 不正なバッファ番号"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sエラー: バッファが見つかりません"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sエラー: フィルタ \"%s\" が見つかりません"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sエラー: レイアウト \"%s\" は未定義です"
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sエラー: プロキシ \"%s\" が見つかりません"
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sエラー: 不正な番号"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sエラー: オプション \"%s\" の設定に失敗しました"
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sエラー: ウィンドウ番号に間違いがあります"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sエラー: プラグイン \"%s\" が見つかりません"
diff --git a/po/pl.po b/po/pl.po
index 81193228e..4caa4a324 100644
--- a/po/pl.po
+++ b/po/pl.po
@@ -22,8 +22,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2021-01-15 21:34+0100\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Krzysztof Korościk <soltys@soltys.info>\n"
"Language-Team: Polish <kde-i18n-doc@kde.org>\n"
"Language: pl\n"
@@ -941,6 +941,12 @@ msgstr "Hasło zmienione"
msgid "Passphrase added"
msgstr "Dodano hasło"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Zabezpieczono dane \"%s\""
@@ -2814,6 +2820,7 @@ msgstr ""
"passphrase <hasło>|-delete || decrypt <hasło>|-discard || set <nazwa> "
"<wartość> || del <nazwa>"
+#, fuzzy
msgid ""
"passphrase: change the passphrase (without passphrase, data is stored as "
"plain text in file sec.conf)\n"
@@ -2833,8 +2840,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2847,6 +2855,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -5040,10 +5050,6 @@ msgstr ""
"(zobacz /help secure)"
#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%sUwaga: niemożna odczytać hasła z pliku \"%s\""
-
-#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
"secure decrypt, see /help secure)"
@@ -5078,22 +5084,12 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "algorytm haszujący użyty do sprawdzenia rozszyfrowanych danych"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
-"ścieżka do pliku zawierającego hasło do szyfrowania/rozszyfrowywania "
-"zabezpieczonych danych; opcja ta jest używana tylko podczas odczytu pliku "
-"sec.conf; używana jest tylko pierwsza linia z tego pliku; plik jest używany "
-"tylko jeśli zmienna środowiskowa \"WEECHAT_PASSPHRASE\" nie została "
-"ustawiona (zmienna środowiskowa ma najwyższy priorytet); uwaga "
-"bezpieczeństwa: zaleca się trzymanie tego pliku poza katalogiem domowym "
-"WeeChat (np. w katalogu domowym) i nadanie mu praw do odczytu tylko przez "
-"siebie; przykład: \"~/.weechat-passphrase\""
msgid ""
"use salt when generating key used in encryption (recommended for maximum "
@@ -14853,33 +14849,3 @@ msgstr "%s%s: przekroczono czas na \"%s\" z %s"
#, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: nie można połączyć: niespodziewany błąd (%d)"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sBłąd: nieznany pasek \"%s\""
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sBłąd: nieprawidłowy numer buforu"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sBłąd: nie odnaleziono buforu"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sBłąd: nie odnaleziono filtru \"%s\""
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sBłąd: nieznany układ \"%s\""
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sBłąd: niezdefiniowane proxy \"%s\""
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sBłąd: nieprawidłowy numer"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sBłąd: nie udało się ustawić opcji \"%s\""
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sBłąd: nieprawidłowy numer okna"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sBłąd: nie znaleziono wtyczki \"%s\""
diff --git a/po/pt.po b/po/pt.po
index 1d4980fbd..7b2a42b01 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -20,8 +20,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Vasco Almeida <vascomalmeida@sapo.pt>\n"
"Language-Team: Portuguese <>\n"
"Language: pt\n"
@@ -920,6 +920,12 @@ msgstr "Frase de acesso alterada"
msgid "Passphrase added"
msgstr "Frase de acesso adicionada"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr "Dados protegidos \"%s\" definidos"
@@ -2744,8 +2750,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2758,6 +2765,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4938,10 +4947,6 @@ msgstr ""
"Para recuperar os dados protegidos, pode usar /secure decrypt (ver /help "
"secure)"
-#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%sAviso: não foi possível ler a frase de acesso do ficheiro \"%s\""
-
#, fuzzy, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4980,22 +4985,12 @@ msgid "hash algorithm used to check the decrypted data"
msgstr "algoritmo de hash utilizado para verificar os dados desencriptados"
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
-"caminho para o ficheiro que contém a frase de acesso para encriptar/"
-"desencriptar os dados protegidos; esta opção só é utilizada ao ler o "
-"ficheiro sec.conf; só a primeira linha do ficheiro é utilizada; este "
-"ficheiro só é utilizado se a variável de ambiente \"WEECHAT_PASSPHRASE\" não "
-"estiver definida (a variável de ambiente tem mais prioridade); nota sobre "
-"segurança: recomenda-se que guarde este ficheiro de modo que só possa ser "
-"lido por si e guarde-o fora do diretório do WeeChat (por exemplo no seu "
-"diretório pessoal); exemplo: \"~/.weechat-passphrase\""
msgid ""
"use salt when generating key used in encryption (recommended for maximum "
@@ -14375,33 +14370,3 @@ msgstr "%s%s: tempo limite de \"%s\" com %s"
#, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: não foi possível conectar: erro inesperado (%d)"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sErro: barra desconhecida \"%s\""
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sErro: número de buffer incorreto"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sErro: buffer não encontrado"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sErro: filtro \"%s\" não encontrado"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sErro: disposição \"%s\" desconhecida"
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sErro: proxy desconhecido \"%s\""
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sErro: número incorreto"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sErro: falha ao definir a opção \"%s\""
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sErro: número de janela incorreto"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sErro: plugin \"%s\" não encontrado"
diff --git a/po/pt_BR.po b/po/pt_BR.po
index 949632e15..9edcb4dac 100644
--- a/po/pt_BR.po
+++ b/po/pt_BR.po
@@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-18 11:34+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Eduardo Elias <camponez@gmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: pt_BR\n"
@@ -930,6 +930,12 @@ msgstr "Password alterado"
msgid "Passphrase added"
msgstr "Password adicionado"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -2568,8 +2574,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2582,6 +2589,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -4539,10 +4548,6 @@ msgid ""
"To recover your secured data, you can use /secure decrypt (see /help secure)"
msgstr ""
-#, fuzzy, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "%s%s: não foi possível interpretar arquivo \"%s\""
-
#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -4574,13 +4579,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -12936,33 +12939,3 @@ msgstr "%s%s: tempo esgotado para \"%s\" com %s"
#, fuzzy, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s%s: não foi possível conectar ao remetente"
-
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%sErro: barra desconhecida \"%s\""
-
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%sErro: número do buffer incorreto"
-
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%sErro: buffer não encontrado"
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sErro: filtro \"%s\" não encontrado"
-
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%sErro: disposição desconhecida \"%s\""
-
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%sErro: proxy desconhecido \"%s\""
-
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%sErro: número incorreto"
-
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%sErro: falhou ao configurar a opção \"%s\""
-
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%sErro: número da janela incorreto"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sErro: plugin \"%s\" não encontrado"
diff --git a/po/ru.po b/po/ru.po
index 109d5aba7..450a70b7e 100644
--- a/po/ru.po
+++ b/po/ru.po
@@ -21,8 +21,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2020-04-28 16:40+0200\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Aleksey V Zapparov AKA ixti <ixti@member.fsf.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: ru\n"
@@ -951,6 +951,12 @@ msgstr ""
msgid "Passphrase added"
msgstr ""
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -2190,8 +2196,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -2204,6 +2211,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -3946,10 +3955,6 @@ msgid ""
"To recover your secured data, you can use /secure decrypt (see /help secure)"
msgstr ""
-#, fuzzy, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr "Не могу записать лог-файл \"%s\"\n"
-
#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
@@ -3981,13 +3986,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -12480,43 +12483,3 @@ msgstr "%s нет аргумента для параметра \"%s\"\n"
#, fuzzy, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr "%s DCC: не могу соединиться с отправителем\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown bar \"%s\""
-#~ msgstr "%s неизвестная функция клавиши \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect buffer number"
-#~ msgstr "%s неправильный номер буфера\n"
-
-#, fuzzy
-#~ msgid "%sError: buffer not found"
-#~ msgstr "%s plugin \"%s\" не найден\n"
-
-#, fuzzy
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%s plugin \"%s\" не найден\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown layout \"%s\""
-#~ msgstr "%s неизвестная функция клавиши \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: unknown proxy \"%s\""
-#~ msgstr "%s неизвестная функция клавиши \"%s\"\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect number"
-#~ msgstr "%s неправильный номер буфера\n"
-
-#, fuzzy
-#~ msgid "%sError: failed to set option \"%s\""
-#~ msgstr "%s не могу сохранить конфигурационный файл pluginов\n"
-
-#, fuzzy
-#~ msgid "%sError: incorrect window number"
-#~ msgstr "%s неправильный номер буфера\n"
-
-#, fuzzy
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%s plugin \"%s\" не найден\n"
diff --git a/po/tr.po b/po/tr.po
index cf19c241b..78128fb64 100644
--- a/po/tr.po
+++ b/po/tr.po
@@ -20,8 +20,8 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
-"PO-Revision-Date: 2019-11-03 08:38+0100\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
+"PO-Revision-Date: 2021-02-06 15:55+0100\n"
"Last-Translator: Hasan Kiran <sunder67@hotmail.com>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
"Language: tr\n"
@@ -852,6 +852,12 @@ msgstr ""
msgid "Passphrase added"
msgstr "Tarih eklendi"
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -1982,8 +1988,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -1996,6 +2003,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -3557,10 +3566,6 @@ msgid ""
msgstr ""
#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr ""
-
-#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
"secure decrypt, see /help secure)"
@@ -3591,13 +3596,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
@@ -11409,9 +11412,3 @@ msgstr ""
#, c-format
msgid "%s%s: unable to connect: unexpected error (%d)"
msgstr ""
-
-#~ msgid "%sError: filter \"%s\" not found"
-#~ msgstr "%sHata: filtre \"%s\" bulunamadı"
-
-#~ msgid "%sError: plugin \"%s\" not found"
-#~ msgstr "%sHata: \"%s\" eklentisi bulunamadı"
diff --git a/po/weechat.pot b/po/weechat.pot
index 579502745..018bc220d 100644
--- a/po/weechat.pot
+++ b/po/weechat.pot
@@ -21,7 +21,7 @@ msgid ""
msgstr ""
"Project-Id-Version: WeeChat\n"
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
-"POT-Creation-Date: 2021-02-05 19:50+0100\n"
+"POT-Creation-Date: 2021-02-06 15:52+0100\n"
"PO-Revision-Date: 2014-08-16 10:27+0200\n"
"Last-Translator: Sébastien Helleu <flashcode@flashtux.org>\n"
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
@@ -851,6 +851,12 @@ msgstr ""
msgid "Passphrase added"
msgstr ""
+msgid ""
+"Important: an external program is configured to read the passphrase on "
+"startup (option sec.crypt.passphrase_command); you must ensure this program "
+"returns the new passphrase you just defined"
+msgstr ""
+
#, c-format
msgid "Secured data \"%s\" set"
msgstr ""
@@ -1980,8 +1986,9 @@ msgid ""
"startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" to prevent "
"the prompt (this same variable is used by WeeChat on /upgrade), or to set "
-"option sec.crypt.passphrase_file to read the passphrase from a file (see /"
-"help sec.crypt.passphrase_file).\n"
+"option sec.crypt.passphrase_command to read the passphrase from the output "
+"of an external command like a password manager (see /help sec.crypt."
+"passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -1994,6 +2001,8 @@ msgid ""
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+" use program \"pass\" to read the passphrase on startup:\n"
+" /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
@@ -3546,10 +3555,6 @@ msgid ""
msgstr ""
#, c-format
-msgid "%sWarning: unable to read passphrase from file \"%s\""
-msgstr ""
-
-#, c-format
msgid ""
"%sUnable to reload file sec.conf because there is still encrypted data (use /"
"secure decrypt, see /help secure)"
@@ -3580,13 +3585,11 @@ msgid "hash algorithm used to check the decrypted data"
msgstr ""
msgid ""
-"path to a file containing the passphrase to encrypt/decrypt secured data; "
-"this option is used only when reading file sec.conf; only first line of file "
-"is used; this file is used only if the environment variable "
+"read the passphrase from the output of this command (only the first line is "
+"used and it must not contain any extra character); this option is used only "
+"when reading file sec.conf and if the environment variable "
"\"WEECHAT_PASSPHRASE\" is not set (the environment variable has higher "
-"priority); security note: it is recommended to keep this file readable only "
-"by you and store it outside WeeChat home (for example in your home); "
-"example: \"~/.weechat-passphrase\""
+"priority); example with password-store: \"pass show weechat/passphrase\""
msgstr ""
msgid ""
diff --git a/src/core/wee-command.c b/src/core/wee-command.c
index cdb532796..65567719e 100644
--- a/src/core/wee-command.c
+++ b/src/core/wee-command.c
@@ -5674,6 +5674,16 @@ COMMAND_CALLBACK(secure)
if (secure_hashtable_data->items_count > 0)
command_save_file (secure_config_file);
secure_buffer_display ();
+ if (CONFIG_STRING(secure_config_crypt_passphrase_command)[0])
+ {
+ gui_chat_printf (
+ NULL,
+ _("Important: an external program is configured to read "
+ "the passphrase on startup "
+ "(option sec.crypt.passphrase_command); "
+ "you must ensure this program returns the new "
+ "passphrase you just defined"));
+ }
}
return WEECHAT_RC_OK;
}
@@ -8200,8 +8210,9 @@ command_init ()
"on startup.\n"
"It is possible to set environment variable \"WEECHAT_PASSPHRASE\" "
"to prevent the prompt (this same variable is used by WeeChat on "
- "/upgrade), or to set option sec.crypt.passphrase_file to read "
- "the passphrase from a file (see /help sec.crypt.passphrase_file).\n"
+ "/upgrade), or to set option sec.crypt.passphrase_command to read "
+ "the passphrase from the output of an external command like a "
+ "password manager (see /help sec.crypt.passphrase_command).\n"
"\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command /eval\n"
@@ -8214,6 +8225,8 @@ command_init ()
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
+ " use program \"pass\" to read the passphrase on startup:\n"
+ " /set sec.crypt.passphrase_command \"pass show weechat/passphrase\"\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password \"${sec.data.freenode}\"\n"
diff --git a/src/core/wee-secure-config.c b/src/core/wee-secure-config.c
index a81daf844..2d9b5b878 100644
--- a/src/core/wee-secure-config.c
+++ b/src/core/wee-secure-config.c
@@ -42,7 +42,7 @@ struct t_config_file *secure_config_file = NULL;
struct t_config_option *secure_config_crypt_cipher = NULL;
struct t_config_option *secure_config_crypt_hash_algo = NULL;
-struct t_config_option *secure_config_crypt_passphrase_file = NULL;
+struct t_config_option *secure_config_crypt_passphrase_command = NULL;
struct t_config_option *secure_config_crypt_salt = NULL;
@@ -94,87 +94,47 @@ secure_config_get_passphrase_from_user (const char *error)
}
/*
- * Gets passphrase from a file.
+ * Gets passphrase from a command.
*
- * Returns passphrase read in file (only the first line with max length of
- * 1024 chars), or NULL if error.
+ * Returns passphrase from command output (only the first line with max length
+ * of SECURE_PASSPHRASE_MAX_LENGTH chars), or NULL if error.
*
* Note: result must be freed after use.
*/
char *
-secure_config_get_passphrase_from_file (const char *filename)
+secure_config_get_passphrase_from_command (const char *command)
{
FILE *file;
- char *passphrase, *filename2, buffer[1024+1], *pos;
+ char *passphrase, *pos, buffer[SECURE_PASSPHRASE_MAX_LENGTH + 1];
size_t num_read;
passphrase = NULL;
- filename2 = string_expand_home (filename);
- if (!filename2)
+ file = popen (command, "r");
+ if (!file)
return NULL;
- file = fopen (filename2, "r");
- if (file)
+ num_read = fread (buffer, 1, sizeof (buffer) - 1, file);
+ if (num_read > 0)
{
- num_read = fread (buffer, 1, sizeof (buffer) - 1, file);
- if (num_read > 0)
- {
- buffer[num_read] = '\0';
- pos = strchr (buffer, '\r');
- if (pos)
- pos[0] = '\0';
- pos = strchr (buffer, '\n');
- if (pos)
- pos[0] = '\0';
- if (buffer[0])
- passphrase = strdup (buffer);
- }
- fclose (file);
+ buffer[num_read] = '\0';
+ pos = strchr (buffer, '\r');
+ if (pos)
+ pos[0] = '\0';
+ pos = strchr (buffer, '\n');
+ if (pos)
+ pos[0] = '\0';
+ if (buffer[0])
+ passphrase = strdup (buffer);
}
- free (filename2);
+ pclose (file);
return passphrase;
}
/*
- * Checks option "sec.crypt.passphrase_file".
- */
-
-int
-secure_config_check_crypt_passphrase_file (const void *pointer, void *data,
- struct t_config_option *option,
- const char *value)
-{
- char *passphrase;
-
- /* make C compiler happy */
- (void) pointer;
- (void) data;
- (void) option;
-
- /* empty value is OK in option (no file used for passphrase) */
- if (!value || !value[0])
- return 1;
-
- passphrase = secure_config_get_passphrase_from_file (value);
- if (passphrase)
- free (passphrase);
- else
- {
- gui_chat_printf (NULL,
- _("%sWarning: unable to read passphrase from file "
- "\"%s\""),
- gui_chat_prefix[GUI_CHAT_PREFIX_ERROR],
- value);
- }
-
- return 1;
-}
-
-/*
* Reloads secured data configuration file.
*
* Returns:
@@ -239,10 +199,15 @@ secure_config_data_read_cb (const void *pointer, void *data,
secure_data_encrypted = config_file_string_to_boolean (value);
if (secure_data_encrypted && !secure_passphrase && !gui_init_ok)
{
- /* if a passphrase file is set, use it */
- if (CONFIG_STRING(secure_config_crypt_passphrase_file)[0])
- secure_passphrase = secure_config_get_passphrase_from_file (
- CONFIG_STRING(secure_config_crypt_passphrase_file));
+ /*
+ * if a passphrase command is set, read passphrase from the output
+ * of the command
+ */
+ if (CONFIG_STRING(secure_config_crypt_passphrase_command)[0])
+ {
+ secure_passphrase = secure_config_get_passphrase_from_command (
+ CONFIG_STRING(secure_config_crypt_passphrase_command));
+ }
/* ask passphrase to the user (if no file, or file not found) */
if (!secure_passphrase)
@@ -514,19 +479,17 @@ secure_config_init_options ()
N_("hash algorithm used to check the decrypted data"),
"sha224|sha256|sha384|sha512", 0, 0, "sha256", NULL, 0,
NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL);
- secure_config_crypt_passphrase_file = config_file_new_option (
+ secure_config_crypt_passphrase_command = config_file_new_option (
secure_config_file, ptr_section,
- "passphrase_file", "string",
- N_("path to a file containing the passphrase to encrypt/decrypt secured "
- "data; this option is used only when reading file sec.conf; only "
- "first line of file is used; this file is used only if the "
- "environment variable \"WEECHAT_PASSPHRASE\" is not set (the "
- "environment variable has higher priority); security note: it is "
- "recommended to keep this file readable only by you and store it "
- "outside WeeChat home (for example in your home); example: "
- "\"~/.weechat-passphrase\""),
+ "passphrase_command", "string",
+ N_("read the passphrase from the output of this command (only the "
+ "first line is used and it must not contain any extra character); "
+ "this option is used only when reading file sec.conf and if "
+ "the environment variable \"WEECHAT_PASSPHRASE\" is not set "
+ "(the environment variable has higher priority); "
+ "example with password-store: \"pass show weechat/passphrase\""),
NULL, 0, 0, "", NULL, 0,
- &secure_config_check_crypt_passphrase_file, NULL, NULL,
+ NULL, NULL, NULL,
NULL, NULL, NULL,
NULL, NULL, NULL);
secure_config_crypt_salt = config_file_new_option (
diff --git a/src/core/wee-secure-config.h b/src/core/wee-secure-config.h
index b8ac8f330..3d66df4ba 100644
--- a/src/core/wee-secure-config.h
+++ b/src/core/wee-secure-config.h
@@ -27,7 +27,7 @@ extern struct t_config_section *secure_config_section_pwd;
extern struct t_config_option *secure_config_crypt_cipher;
extern struct t_config_option *secure_config_crypt_hash_algo;
-extern struct t_config_option *secure_config_crypt_passphrase_file;
+extern struct t_config_option *secure_config_crypt_passphrase_command;
extern struct t_config_option *secure_config_crypt_salt;
extern int secure_config_read ();