Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 12 May 2012 22:37:56 +0200
From: Frank Dittrich <frank_dittrich@...mail.com>
To: john-dev@...ts.openwall.com
Subject: Re: Fwd: bash auto-completion for john

On 05/12/2012 01:45 AM, magnum wrote:
> On 05/11/2012 09:44 PM, Frank Dittrich wrote:
>> For --rules= and --single=, I'll do the same.
>> Non-jumbo versions don't allow optional parameters for -rules and
>> single, but there might exist "older" jumbo versions which allow
>> parameters for --rules and --single, but don't have --list=...
> 
> IMHO, I'd say we should (care to) support latest core and latest Jumbo
> (in this case). Sure, the better we support old Jumbos, the better. But
> let's not put hours of work for seconds of benefit.

Trouble is, the completion rules will work for any executable called john:
john
./john
/usr/bin/john

Once a user installs the latest jumbo and copies the bash completion
file to /etc/bash_completion.d/, the same completion logic will also
work for a system-wide john which has been installed as a package of the
linux distribution.
So I don't know whether we should care about this.

I continued working on the script and noticed some more problems
which I "documented" using some FIXME comments:

# FIXME: If there is no .rec file in the current directory, completion
#	 for --restore= and --status= will show all files!
######## echo _`for f in *.rec; do echo ${f%.rec};done`_

# FIXME: for some reason completion for --option= only works
#	 if the cursor is at the end of the command,
#	 i.e. [[ ${COMP_POINT} -eq ${#COMP_LINE} ]]
#	 not if some words follow the one to be completed...
#	 If ${cur#*=} is not empty, completion works even in the middle
#	 of the command line
#	 This is annoying if I want to complete --rules= in
#        ./john --rules= --config=test.conf

In these cases, expansion with correct List.Rules section names from the
config file specified works correctly.

./john -co=test.conf --rules=
./john --rules=w --conf:john.conf

If I specify more than one config file, the last one is used for rules
completion:

./john --config=john.conf --config=fd.conf --rules=

will list the rules sections from fd.conf.


Further changes:

I realized that on my system, the function have() is just a dummy always
returning "yes".
That's why I removed the references to have().

Getting rid of have() usage also has another advantage:
Now it is not even necessary to put the file john.bash_completion into
the /etc/bash_completion.d/ directory.

Adding the line
. <path_to_john_source_directory>/john.bash_completion
to ~/.-bashrc is all that's needed to make bash completion for john and
unique work.

So you could make bash completion work for the current user without
requiring admin privilege, by just sourcing john.bash_completion and
adding a line to ~/bashrc which sources the john.bash_completion file.

Alternatively: If the make bash-completion fails due to insufficient
rights, just display instructions how to make bash completion work for
the current user.

Should we discuss possible changes in the completion logic here, or on
john-users?

E.g., currently I use this expansion logic:

$ ./john -in
Pressing [tab] changes -in to --incremental.

For --incremental, there are two possible completion implementations.

The first one:

$ ./john --incremental
Pressing [tab] changes --incremental to --incremental=

$ ./john --incremental=
Pressing [tab] twice lists these options:

$ ./john --incremental=
all      all15    all6     all7     all8     alnum    alpha    digits
digits8  lanman

This means, the only indication that --incremental is a valid option
even without adding =value is that the first completion step for -in
results in --incremental, not --incremental=.

(For -ex on the other hand, pressing [tab] immediately will result in
--external=, because --external requires a value.)


The other implementation would provide these options for a non-jumbo
version):

$ john --incremental
--incremental         --incremental=Alpha
--incremental=All     --incremental=Digits
--incremental=Alnum   --incremental=LanMan

and these for the current git version:

$ ./john --incremental
--incremental          --incremental=alnum
--incremental=all      --incremental=alpha
--incremental=all15    --incremental=digits
--incremental=all6     --incremental=digits8
--incremental=all7     --incremental=lanman
--incremental=all8

(Of course, the number of columns depends on the width of the terminal.
$ ./john --incremental
--incremental          --incremental=all7     --incremental=digits
--incremental=all      --incremental=all8     --incremental=digits8
--incremental=all15    --incremental=alnum    --incremental=lanman
--incremental=all6     --incremental=alpha


With this output, it would be obvious that --incremental is a valid option.

This behavior would also be consistent with current completion for
--markov (jumbo only), --stdout, and --test

$ ./john --markov
--markov
--markov=LEVEL[:START[:END[:LENGTH]]]

$ john --stdout
--stdout         --stdout=LENGTH

$ john --test
--test          --test=SECONDS

$ ./john --show
--show       --show=LEFT

(But there is no completion logic for ./john --markov= and no completion
for ./john --stdout= and ./john --test= and ./john --show=)


For --incremental, the user would have to type the '=' manually, to get

$ ./john --incremental=
all      all6     all8     alpha    digits8
all15    all7     alnum    digits   lanman

after pressing [tab] twice.

Which logic would be preferable?
Is consistent behavior for all options that can be used with and without
a value more important? Or is a more compact list without the --option=
preferable?
Should we discuss this on john-users?

For current non-jumbo builds these options do have optional values:
--incremental
--stdout
--restore
--status
--test

For current git (next jumbo), these options have to be considered in
addition to the official non-jumbo version:
--single
--rules
--markov
--show

Because I am not sure what to prefer, I'll keep the inconsistent
behavior for now in the attached file:

$ ./john --incremental
--incremental          --incremental=all7     --incremental=digits
--incremental=all      --incremental=all8     --incremental=digits8
--incremental=all15    --incremental=alnum    --incremental=lanman
--incremental=all6     --incremental=alpha

or
$ john --incremental
--incremental         --incremental=Alnum   --incremental=Digits
--incremental=All     --incremental=Alpha   --incremental=LanMan

versus

$ ./john --rules

completing to --rules= after pressing [tab]


We should probably decide which behavior is better and unify it for the
 expansion of --rules (jumbo only), --single (jumbo only),
--incremental, --restore and --status (session names derived from .rec
files) .
(Of course, I could also allow a user specific configuration of the
behavior. But may be this is overkill.)

Frank

View attachment "john.bash_completion" of type "text/plain" (16097 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ