1. 16 Dec, 2020 1 commit
    • Roman Perepelitsa's avatar
      fix(genpass): improve performance and usability and fix bugs (#9520) · b28665ae
      Roman Perepelitsa authored
      *Bugs*
      
      The following bugs have been fixed:
      
      - All generators ignored errors from external commands. For example,
        if `/usr/share/dict/words` was unreadable, `genpass-xkcd` would
        print "0-" as a password and return success.
      - All generators silently ignored the argument if it wasn't a number.
        For example, `genpass-apple -2` was generating one password and
        not printing any errors.
      - All generators silently ignored extra arguments. For example,
        `genpass-apple -n 2` was generating one password and not printing
        any errors.
      - `genpass-xkcd` was generating passwords with less than 128 bits of
        security margin in contradiction to documentation. The smaller the
        dictionary size, the weaker the passwords it was generating. For a
        dictionary with 27 words, `genpass-xkcd` was generating passwords
        with 93 bits of security margin (`log2(27!)`).
      - The source of random data used by `genpass-xkcd` was not
        cryptographically secure in contradiction to documentation. See:
        https://www.gnu.org/software/coreutils/manual/html_node/Random-sources.html
      - `genpass-apple` could generate a password with non-ascii characters
        depending on user locale. For example, passwords could contain 'İ'
        for users with Turkish locale.
      - `genpass-apple` didn't work with `ksh_arrays` shell option.
      - `genpass-xkcd` was printing spurious errors with `ksh_arrays` shell
        option.
      - `genpass-xkcd` was producing too short (weak) or too strong (long)
        and/or printing errors when `IFS` was set to non-default value.
      - All generators were printing fewer passwords than requested and
        returning success when passed a very large number as an argument.
      
      *Usability*
      
      Generators are now implemented as self-contained executable files.
      They can be invoked from scripts with no additional setup.
      
      Generators no longer depend on external commands. The only dependencies
      are `/dev/urandom` and, for `genpass-xkcd`, `/usr/share/dict/words`.
      
      All generators used to silently ignore all arguments after the first
      and the first argument if it wasn't a number. For example, both
      `genpass-apple -2` and `genpass-apple -n 2` were generating one password
      and not printing any errors. Now these print an error and fail.
      
      *Performance*
      
      The time it takes to load the plugin has been greatly reduced. This
      translates into faster zsh startup when the plugin is enabled.
      
      Incidentally, two generators out of three have been sped up to a large
      degree while one generator (`genpass-xkcd`) has gotten slower. This is
      unlikely to matter one way or another unless generating a very large
      number of passwords. In the latter case `genpass-xkcd` is now also
      faster than it used to be.
      
      The following table shows benchmark results from Linux x86-64 on i9-7900X.
      The numbers in the second and third columns show how many times a given
      command could be executed per second. Higher numbers are better.
      
      command                     | before (Hz) | after (Hz) | speedup |
      ----------------------------|------------:|-----------:|--------:|
      `source genpass.plugin.zsh` |        4810 |      68700 |  +1326% |
      `genpass-apple`             |        30.3 |        893 |  +2846% |
      `genpass-monkey`            |         203 |       5290 |  +2504% |
      `genpass-xkcd`              |        34.4 |       14.5 |    -58% |
      `genpass-xkcd 1000`         |       0.145 |      0.804 |   +454% |
      b28665ae
  2. 14 Dec, 2020 3 commits
  3. 13 Dec, 2020 2 commits
  4. 12 Dec, 2020 1 commit
  5. 11 Dec, 2020 1 commit
  6. 10 Dec, 2020 1 commit
  7. 09 Dec, 2020 3 commits
  8. 08 Dec, 2020 1 commit
  9. 07 Dec, 2020 2 commits
  10. 05 Dec, 2020 1 commit
  11. 03 Dec, 2020 1 commit
  12. 26 Nov, 2020 1 commit
  13. 25 Nov, 2020 1 commit
  14. 22 Nov, 2020 1 commit
  15. 20 Nov, 2020 2 commits
  16. 19 Nov, 2020 2 commits
  17. 12 Nov, 2020 2 commits
  18. 11 Nov, 2020 2 commits
  19. 10 Nov, 2020 3 commits
  20. 09 Nov, 2020 1 commit
  21. 04 Nov, 2020 1 commit
    • Maksym's avatar
      fix(aws): support MFA for profiles without role to assume (#9411) · 3e6ee85a
      Maksym authored
      Previously, the plugin only supported MFA for profiles that had a role to assume, specified in role_arn. Now, the plugin supports MFA for profiles without a role to assume.
      
      Closes #9408
      
      * refactor(aws plugin): remove dependency on jq
      
      Previously, acp command relied on jq. Now that dependency has been removed, as well as some linter suggestions implemented.
      3e6ee85a
  22. 29 Oct, 2020 3 commits
  23. 27 Oct, 2020 1 commit
  24. 24 Oct, 2020 3 commits