From 9f810eec6a98011b551c40f8686b88a4fb0b0862 Mon Sep 17 00:00:00 2001 From: neodarz Date: Mon, 9 Sep 2019 07:02:56 +0200 Subject: Add zsh config --- dotfiles/zsh/completion/_ag | 217 +++++ dotfiles/zsh/completion/_berks | 34 + dotfiles/zsh/completion/_bower | 135 +++ dotfiles/zsh/completion/_cmake | 274 ++++++ dotfiles/zsh/completion/_composer | 76 ++ dotfiles/zsh/completion/_docker | 514 +++++++++++ dotfiles/zsh/completion/_hub | 160 ++++ dotfiles/zsh/completion/_knife | 174 ++++ dotfiles/zsh/completion/_node | 66 ++ dotfiles/zsh/completion/_nvm | 85 ++ dotfiles/zsh/completion/_openssl | 1695 +++++++++++++++++++++++++++++++++++++ dotfiles/zsh/completion/_pass | 134 +++ 12 files changed, 3564 insertions(+) create mode 100644 dotfiles/zsh/completion/_ag create mode 100644 dotfiles/zsh/completion/_berks create mode 100644 dotfiles/zsh/completion/_bower create mode 100644 dotfiles/zsh/completion/_cmake create mode 100644 dotfiles/zsh/completion/_composer create mode 100644 dotfiles/zsh/completion/_docker create mode 100644 dotfiles/zsh/completion/_hub create mode 100644 dotfiles/zsh/completion/_knife create mode 100644 dotfiles/zsh/completion/_node create mode 100644 dotfiles/zsh/completion/_nvm create mode 100644 dotfiles/zsh/completion/_openssl create mode 100644 dotfiles/zsh/completion/_pass (limited to 'dotfiles/zsh/completion') diff --git a/dotfiles/zsh/completion/_ag b/dotfiles/zsh/completion/_ag new file mode 100644 index 0000000..6a41710 --- /dev/null +++ b/dotfiles/zsh/completion/_ag @@ -0,0 +1,217 @@ +#compdef ag +# ------------------------------------------------------------------------------ +# Copyright (c) 2015 Github zsh-users - http://github.com/zsh-users +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the zsh-users nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL ZSH-USERS BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for ag (https://github.com/ggreer/the_silver_searcher) +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Akira Maeda +# +# ------------------------------------------------------------------------------ +# -*- mode: zsh; sh-indentation: 2; indent-tabs-mode: nil; sh-basic-offset: 2; -*- +# vim: ft=zsh sw=2 ts=2 et +# ------------------------------------------------------------------------------ +_ag_version() { + local version + version=( $($words[1] --version) ) + version=${version[@]:2:1} + version=( "${(@s/./)version}" ) + echo "${version[2]}" +} + +# Dynamically build the file type completion +# Modifies the global $AG_OPTS array +_ag_add_file_types() { + local typ exts + for i in $($words[1] --list-file-types); do + if [[ "${i:0:2}" = '--' ]]; then + if [[ "${typ}x" != "x" ]]; then + AG_OPTS+="${typ}[${exts}]" + fi + typ=$i + exts= + else + exts+=$i + fi + done + AG_OPTS+="${typ}[${exts}]" +} + +# Add version appropriate options above base +# Modifies the global $AG_OPTS array +_ag_add_version_opts() { + local minor=$(_ag_version) + + if [[ $minor -gt 21 ]];then + _ag_add_file_types + AG_OPTS+=( + '(- 1 *)--list-file-types[list supported filetypes to search]' + '--silent[suppress all log messages, including errors]' + ) + fi + + if [[ $minor -gt 22 ]];then + AG_OPTS+=( + '(-z --search-zip)'{-z,--search-zip}'[search contents of compressed files]' + ) + fi + + if [[ $minor -le 24 ]];then + AG_OPTS+=( + '(-s --case-sensitive)'{-s,--case-sensitive}'[match case sensitively]' + '(--noheading --heading)'{--noheading,--heading}'[print file names above matching contents]' + ) + fi + if [[ $minor -gt 24 ]];then + AG_OPTS+=( + '(-s --case-sensitive)'{-s,--case-sensitive}'[Match case sensitively. Default on.]' + '(-H --noheading --heading)'{-H,--noheading,--heading}'[print file names above matching contents]' + '--vimgrep[output results like vim''s, :vimgrep /pattern/g would (report every match on the line)]' + ) + fi + + if [[ $minor -gt 26 ]];then + AG_OPTS+=( + '(-0 --null --print0)'{-0,--null,--print0}'[separate the filenames with \\0, rather than \\n]' + ) + fi + + if [[ $minor -le 27 ]];then + AG_OPTS+=( + '--depth[Search up to NUM directories deep. Default is 25.]:number' + ) + fi + if [[ $minor -gt 27 ]];then + AG_OPTS+=( + '(-c --count)'{-c,--count}'[only print the number of matches in each file]' + '--depth[Search up to NUM directories deep, -1 for unlimited. Default is 25.]:number' + '(-F --fixed-strings)'{-F,--fixed-strings}'[alias for --literal for compatibility with grep]' + ) + fi + + if [[ $minor -le 28 ]];then + AG_OPTS+=( + '(--no-numbers)--no-numbers[donĀ“t show line numbers]' + ) + fi + if [[ $minor -gt 28 ]];then + AG_OPTS+=( + '(--nofilename --filename)'{--nofilename,--filename}'[Print file names. Default on, except when searching a single file.]' + '(--nonumbers --numbers)'{--nonumbers,--numbers}'[Print line numbers. Default is to omit line numbers when searching streams]' + '(-o --only-matching)'{-o,--only-matching}'[print only the matching part of the lines]' + ) + fi +} + +_ag() { + local curcontext="$curcontext" state line cmds update_policy ret=1 + + zstyle -s ":completion:${curcontext}:" cache-policy update_policy + [[ -z "$update_policy" ]] && zstyle ":completion:${curcontext}:" cache-policy _ag_types_caching_policy + + # Don't complete if command doesn't exist + [[ ${+commands[${words[1]}]} -eq 0 ]] && return 0 + + if ( [[ ${+AG_OPTS} -eq 0 ]] || _cache_invalid "_AG_OPTS" ) && ! _retrieve_cache "_AG_OPTS"; then + # Base opts starts at ag version 0.20 + AG_OPTS=( + '(- 1 *)--help[print a short help statement]' + '(- 1 *)--man[print the manual page]' + '(- 1 *)--version[display version and copyright information]' + '--ackmate[output results in a format parseable by AckMate]' + '(-A --after)'{-A,--after}'[Print NUM lines before match. Default is 2]:number' + '(-t --all-text -a --all-types -u --unrestricted)'{-t,--all-text}"[search all text files, excluding hidden ones]" + '(-a --all-types -t --all-text -u --unrestricted)'{-a,--all-types}"[search all text files, excluding hidden ones and not obeying ignore files (.agignore, .gitignore...)]" + '(-B --before)'{-B,--before}'[Print NUM lines after match. Defaults is 2]:number' + '(--nobreak --break)'{--nobreak,--break}'[Print a newline between matches in different files. Default on.]' + '(--color --nocolor)--color[Print color codes in results. Default on.]' + '(--nocolor --color --color-line-number --color-match --color-path)--nocolor[Do not print color codes in results. Default on.]' + '(--nocolor)--color-line-number[Color codes for line numbers. Default is 1;33.]' + '(--nocolor)--color-match[Color codes for result match numbers. Default is 30;43.]' + '(--nocolor)--color-path[Color codes for path names. Default is 1;32.]' + '--column[print column numbers in results]' + '(-C --context)'{-C,--context}'[Print NUM lines before and after matches. Default is 2.]:number' + '(-D --debug)'{-D,--debug}'[enable debug logging]' + '(-G --file-search-regex)'{-G,--file-search-regex}'[only search file names matching PATTERN]:pattern' + '(-l --files-with-matches)'{-l,--files-with-matches}'[only print filenames containing matches, not matching lines]' + '(-L --files-without-matches)'{-L,--files-without-matches}"[only print filenames that don't contain matches]" + '(-f --follow)'{-f,--follow}'[follow symlinks]' + '(-g)-g[print filenames that match PATTERN]:pattern' + '(--nogroup --group)'{--nogroup,--group}'[same as --\[no\]break --\[no\]heading]' + '--hidden[search hidden files, still obeys ignore files.]' + '*--ignore[Ignore files/directories matching this pattern. Literal file and directory names are also allowed.]:files:_files' + '(-i --ignore-case)'{-i,--ignore-case}'[match case insensitively]:pattern' + '*--ignore-dir[alias for --ignore for compatibility with ack]:files:_files' + '(-v --invert-match)'{-v,--invert-match}'[invert match]' + '(-Q --literal)'{-Q,--literal}'[match PATTERN literally, no regular expression]' + '(-m --max-count)'{-m,--max-count}'[Skip the rest of a file after NUM matches. Default is 10,000.]:number' + '(--pager --nopager)'{--pager,--nopager}'[Display results with PAGER. Disabled by default.]:pager program:_command_names' + '(--passthrough)--passthrough[when searching a stream, print all lines even if they don''t match]' + '(-p --path-to-agignore)'{-p,--path-to-agignore}'[provide a path to a specific .agignore file]:files:_files' + '--print-long-lines[print matches on very long lines, > 2k characters by default]' + '--search-binary[search binary files]' + '(-U --skip-vcs-ignores)'{-U,--skip-vcs-ignores}'[ignore VCS ignore files (.gitigore, .hgignore, svn:ignore), but still use .agignore]' + '(-S --smart-case)'{-S,--smart-case}'[match case sensitively if PATTERN contains any uppercase letters, else match case insensitively]' + '--stats[print stats (files scanned, time taken, etc)]' + '(-u --unrestricted -t --all-text -a --all-types)'{-u,--unrestricted}'[search ALL files, includes: hidden, binary & ignored files (.agignore, .gitignore...)]' + '(-w --word-regexp)'{-w,--word-regexp}'[only match whole words]' + ) + _ag_add_version_opts + AG_OPTS+=( + '*: :_files' + ) + [[ $#AG_OPTS -gt 0 ]] && _store_cache '_AG_OPTS' AG_OPTS + fi + + _arguments -C -s -S ${AG_OPTS} && ret=0 + unset AG_OPTS + + case $state in + # placeholder + esac + + return ret +} + +_ag_types_caching_policy() { + # Rebuild if .agignore more recent than cache. + [[ -f $HOME/.agignore && $$HOME/.agignore -nt "$1" ]] && return 0 + + # Rebuild if cache is older than one week. + local -a oldp + oldp=( "$1"(Nmw+1) ) + (( $#oldp )) && return 0 + + return 1 +} + +_ag "$@" diff --git a/dotfiles/zsh/completion/_berks b/dotfiles/zsh/completion/_berks new file mode 100644 index 0000000..3c79cfb --- /dev/null +++ b/dotfiles/zsh/completion/_berks @@ -0,0 +1,34 @@ +#compdef berks + +local -a _1st_arguments +_1st_arguments=( + 'apply: Apply version locks from Berksfile.lock to a Chef environment' + 'contingent: List all cookbooks that depend on the given cookbook in your Berksfile' + 'cookbook: Create a skeleton for a new cookbook' + 'help: Describe available commands or one specific command' + 'info: Display name, author, copyright, and dependency information about a cookbook' + 'init: Initialize Berkshelf in the given directory' + 'install: Install the cookbooks specified in the Berksfile' + 'list: List cookbooks and their dependencies specified by your Berksfile' + 'outdated: List dependencies that have new versions available that satisfy their constraints' + 'package: Vendor and archive the dependencies of a Berksfile' + 'search: Search the remote source for cookbooks matching the partial name' + 'shelf: Interact with the cookbook store' + 'show: Display the path to a cookbook on disk' + 'update: Update the cookbooks (and dependencies) specified in the Berksfile' + 'upload: Upload the cookbook specified in the Berksfile to the Chef Server' + 'vendor: Vendor the cookbooks specified by the Berksfile into a directory' + 'verify: Perform a quick validation on the contents of your resolved cookbooks' + 'version: Display version' + 'viz: Visualize the dependency graph' +) + +_arguments \ + '(-v)'{-v,--version}'[version]' \ + '(-h)'{-h,--help}'[help]' \ + '*:: :->subcmds' && return 0 + +if (( CURRENT == 1 )); then + _describe -t commands "berks subcommand" _1st_arguments + return +fi diff --git a/dotfiles/zsh/completion/_bower b/dotfiles/zsh/completion/_bower new file mode 100644 index 0000000..aede57c --- /dev/null +++ b/dotfiles/zsh/completion/_bower @@ -0,0 +1,135 @@ +#compdef bower +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for Bower (http://bower.io). +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Joe Lencioni (https://github.com/lencioni) +# +# ------------------------------------------------------------------------------ + + +local curcontext="$curcontext" state line _packages _opts ret=1 + +_arguments -C -A "-v" -A "--version" \ + '(- 1 *)'{-v,--version}'[display version information]' \ + '1: :->cmds' \ + '*:: :->args' && ret=0 + +case $state in + cmds) + _values "bower command" \ + "cache[Manage bower cache]" \ + "help[Display help information about Bower]" \ + "home[Opens a package homepage into your favorite browser]" \ + "info[Info of a particular package]" \ + "init[Interactively create a bower.json file]" \ + "install[Install a package locally]" \ + "link[Symlink a package folder]" \ + "list[List local packages]" \ + "lookup[Look up a package URL by name]" \ + "prune[Removes local extraneous packages]" \ + "register[Register a package]" \ + "search[Search for a package by name]" \ + "update[Update a local package]" \ + "uninstall[Remove a local package]" \ + "version[Bump a package version]" + _arguments \ + '(--force)--force[Makes various commands more forceful]' \ + '(--json)--json[Output consumable JSON]' \ + '(--log-level)--log-level[What level of logs to report]' \ + '(--offline)--offline[Do not hit the network]' \ + '(--quiet)--quiet[Only output important information]' \ + '(--silent)--silent[Do not output anything, besides errors]' \ + '(--verbose)--verbose[Makes output more verbose]' \ + '(--allow-root)--allow-root[Allows running commands as root]' + ret=0 + ;; + args) + case $line[1] in + help) + _values 'commands' \ + 'cache' \ + 'home' \ + 'info' \ + 'init' \ + 'install' \ + 'link' \ + 'list' \ + 'lookup' \ + 'prune' \ + 'register' \ + 'search' \ + 'update' \ + 'uninstall' \ + 'version' + ret=0 + ;; + (home|info|init|link|lookup|prune|register|search) + _arguments \ + '(--help)--help[Show help message]' + ret=0 + ;; + install) + _arguments \ + '(--force-latest)--force-latest[Force latest version on conflict]' \ + '(--help)--help[Show help message]' \ + '(--production)--production[Do not install project devDependencies]' \ + '(--save)--save[Save installed packages into the project''s bower.json dependencies]' \ + '(--save-dev)--save-dev[Save installed packages into the project''s bower.json devDependencies]' + ret=0 + ;; + list) + _arguments \ + '(--help)--help[Show help message]' \ + '(--paths)--paths[Generate a simple JSON source mapping]' \ + '(--relative)--relative[Make paths relative to the directory config property, which defaults to bower_components]' + ret=0 + ;; + uninstall) + _arguments \ + '(--help)--help[Show help message]' \ + '(--save)--save[Save installed packages into th projects''s bower.json dependencies]' \ + '(--save-dev)--save-dev[Save installed packages into th projects''s bower.json devDependencies]' + ret=0 + ;; + update) + _arguments \ + '(--force-latest)--force-latest[Force latest version on conflict]' \ + '(--help)--help[Show help message]' \ + '(--production)--production[Do not install project devDependencies]' + ret=0 + ;; + version) + _arguments \ + '(--message)--message[Custom git commit and tag message]' + ret=0 + ;; + exec) + _normal && ret=0 + ;; + *) + _opts=( $(bower help $line[1] | sed -e '/^ \[-/!d; s/^ \[\(-[^=]*\)=.*/\1/') ) + _opts+=( $(bower help $line[1] | sed -e '/^ -/!d; s/^ \(-.\), \[\(-[^=]*\)=.*/\1 \2/') ) + if [[ $_opts != "" ]]; then + _values 'options' $_opts && ret=0 + fi + ;; + esac + ;; +esac + +return ret + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 2 +# indent-tabs-mode: nil +# sh-basic-offset: 2 +# End: +# vim: ft=zsh sw=2 ts=2 et diff --git a/dotfiles/zsh/completion/_cmake b/dotfiles/zsh/completion/_cmake new file mode 100644 index 0000000..544137b --- /dev/null +++ b/dotfiles/zsh/completion/_cmake @@ -0,0 +1,274 @@ +#compdef cmake + +# Description +# ----------- +# +# Completion script for CMake (http://www.cmake.org). +# +# ------------------------------------------------------------------------- +# Authors +# ------- +# +# * Scott M. Kroll +# +# ------------------------------------------------------------------------- +# Notes +# ----- +# +# * By default only C and C++ languages are supported for compiler flag +# variables. To define your own list of languages: +# +# cmake_langs=('C' 'C' +# 'CXX' 'C++') +# zstyle ':completion:*:cmake:*' languages $cmake_langs +# +# ------------------------------------------------------------------------- + +_cmake() { + local context state line curcontext="$curcontext" cmake_args + + local cmake_help_actions;cmake_help_actions=( + '(- 1)--help-command[Print help for a single command and exit]:command-name:_cmake_command_names' + '(- 1)--help-command-list[List available listfile commands and exit]' + '(- 1)--help-commands[Print help for all commands and exit]' + '(- 1)--help-compatcommands[Print help for compatibility commands]' + '(- 1)--help-module[Print help for compatibility commands]:module-name:_cmake_module_names' + '(- 1)--help-module-list[Print help for a single module and exit]' + '(- 1)--help-modules[Print help for all modules and exit]' + '(- 1)--help-property[List available properties and exit]:property-name:_cmake_property_names' + '(- 1)--help-property-list[List available properties and exit]' + '(- 1)--help-properties[Print help for all properties and exit]' + '(- 1)--help-variable[Print help for a single variable and exit]:variable-name:_cmake_variable_names' + '(- 1)--help-variable-list[List documented variables and exit]' + '(- 1)--help-variables[Print help for all variables and exit]' + '(- 1)--copyright[Print the CMake copyright and exit]' + '(- 1)'{--help,-help,-usage,-h,-H}'[Print usage information and exit]' + '(- 1)--help-full[Print full help and exit]' + '(- 1)--help-html[Print full help in HTML format]' + '(- 1)--help-man[Print full help as a UNIX man page and exit]' + '(- 1)'{--version,-version}'[Print full help as a UNIX man page and exit]' + ) + + local cmake_build_options;cmake_build_options=( + '-C[Pre-load a script to populate the cache]:script:_files' + '*-D-[Create a cmake cache entry]:property:_cmake_define_property' + '-U[Remove matching entries from CMake cache]:globbing expression' + '-G[Specify a makefile generator]:generator:_cmake_generators' + '-T[Specify toolset name if supported by generator]:toolset name' + '(-Wno-dev -Wdev)-Wno-dev[Suppress developer warnings]' + '(-Wno-dev -Wdev)-Wdev[Enable developer warnings]' + '-i[Run in wizard mode]' + '-L-[List cache variables]::_values "options" "[non-advanced cache variables]" "A[advanced cache variables]" "H[non-advanced cached variables with help]" "AH[advanced cache variables with help]"' + '--trace[Put cmake in trace mode]' + ':cmake project:_files -/' + ) + + local cmake_command_actions;cmake_command_actions=( + '-E[CMake command mode]:*:command' + ) + + _arguments -C -s \ + - help \ + "$cmake_help_actions[@]" \ + - command \ + "$cmake_command_actions[@]" \ + - build_opts \ + "$cmake_build_options[@]" && return 0 +} + +# ------------------- +# _cmake_command_names +# ------------------- +(( $+functions[_cmake_command_names] )) || +_cmake_command_names() { + local command_names; command_names=(${(f)"$($service --help-command-list 2> /dev/null)"}) + _values 'command name' ${command_names[@]:1} && return 0 +} + +# ----------------- +# _cmake_list_names +# ----------------- +(( $+functions[_cmake_list_names] )) || +_cmake_list_names() { + local command; command="$@[1]" + local desc; desc="$@[2]" + local list_names; list_names=(${(f)"$($service $command 2> /dev/null | sed -e 's/\[/\\\[/' -e 's/\]/\\\]/')"}) + + _values ${desc} ${list_names[@]:1} && return 0 +} + +# ------------------ +# _cmake_module_names +# ------------------ +(( $+functions[_cmake_module_names] )) || +_cmake_module_names() { + _cmake_list_names '--help-module-list' 'module name' && return 0 +} + +# -------------------- +# _cmake_property_names +# -------------------- +(( $+functions[_cmake_property_names] )) || +_cmake_property_names() { + _cmake_list_names '--help-property-list' 'property name' && return 0 +} + +# --------------------- +# _cmake_variable_names +# --------------------- +(( $+functions[_cmake_variable_names] )) || +_cmake_variable_names() { + _cmake_list_names '--help-variable-list' 'variable name' && return 0 +} + +# ---------------------- +# _cmake_define_property +# ---------------------- +(( $+functions[_cmake_define_property] )) || +_cmake_define_property() { + if compset -P '*='; then + _wanted property-values expl 'property value' _cmake_define_property_values ${${IPREFIX%=}#-D} && return 0 + else + _wanted property-names expl 'property name' _cmake_define_property_names -qS= && return 0 + fi +} + +# ---------------------------- +# _cmake_define_property_names +# ---------------------------- +(( $+functions[_cmake_define_property_names] )) || +_cmake_define_property_names() { + local alternatives; alternatives=( + 'common-property-names:common property name:_cmake_define_common_property_names -qS=' + ) + local -A cmake_langs + zstyle -a ":completion:${curcontext}:" languages cmake_langs + [[ $#cmake_langs -eq 0 ]] && cmake_langs=('C' 'C' 'CXX' 'C++') + + for cmake_lang in ${(k)cmake_langs}; do + cmake_lang_desc="${cmake_langs[$cmake_lang]}" + alternatives+=("${cmake_lang//:/-}-property-names:${cmake_lang_desc} language property name:_cmake_define_lang_property_names -qS= ${cmake_lang} ${cmake_lang_desc}") + done + + _alternative "${alternatives[@]}" +} + +# --------------------------------- +# _cmake_define_lang_property_names +# --------------------------------- +(( $+functions[_cmake_define_lang_property_names] )) || +_cmake_define_lang_property_names() { + local cmake_lang="$@[-2]" cmake_lang_desc="$@[-1]" + local properties; properties=( + "CMAKE_${cmake_lang}_COMPILER:${cmake_lang_desc} compiler" + "CMAKE_${cmake_lang}_FLAGS:${cmake_lang_desc} compiler flags for all builds" + "CMAKE_${cmake_lang}_FLAGS_DEBUG:${cmake_lang_desc} compiler flags for all Debug build" + "CMAKE_${cmake_lang}_FLAGS_RLEASE:${cmake_lang_desc} compiler flags for all Relase build" + "CMAKE_${cmake_lang}_FLAGS_MINSIZREL:${cmake_lang_desc} compiler flags for all MinSizRel build" + "CMAKE_${cmake_lang}_FLAGS_RELWITHDEBINFO:${cmake_lang_desc} compiler flags for all RelWithDebInfo build" + ) + + _describe -t "${cmake_lang//:/-}-property-names" "${cmake_lang_desc} property name" properties $@[0,-3] && return 0 +} + +# ----------------------------------- +# _cmake_define_common_property_names +# ----------------------------------- +(( $+functions[_cmake_define_common_property_names] )) || +_cmake_define_common_property_names() { + local properties; properties=( + 'CMAKE_BUILD_TYPE:Specifies the build type for make based generators' + 'CMAKE_TOOLCHAIN_FILE:Absolute or relative path to a cmake script which sets up toolchain related variables' + 'CMAKE_COLOR_MAKEFILE:Enables/disables color output when using the Makefile generator' + 'CMAKE_INSTALL_PREFIX:Install directory used by install' + ) + + _describe -t 'common-property-names' 'common property name' properties $@ +} + +# ---------------------------- +# _cmake_define_property_values +# ---------------------------- +(( $+functions[_cmake_define_property_values] )) || +_cmake_define_property_values() { + local ret=1 + setopt localoptions extendedglob + case $@[-1] in + (CMAKE_BUILD_TYPE) _wanted build-types expl 'build type' _cmake_build_types && ret=0;; + (CMAKE_TOOLCHAIN_FILE) _wanted toolchain-files expl 'file' _cmake_toolchain_files && ret=0;; + (CMAKE_COLOR_MAKEFILE) _wanted booleans expl 'boolean' _cmake_booleans && ret=0;; + (CMAKE_INSTALL_PREFIX) _files -/ && ret=0;; + (CMAKE_*_COMPILER) _wanted compilers expl 'compiler' _cmake_compilers && ret=0;; + (CMAKE_*_FLAGS(|_?*)) _message -e compiler-flags 'compiler flags' && ret=0;; + (*) _files && ret=0;; + esac + + return ret +} + +# ------------------ +# _cmake_build_types +# ------------------ +(( $+functions[_cmake_build_types] )) || +_cmake_build_types() { + local build_types; build_types=( + 'Debug' + 'Release' + 'RelWithDebInfo' + 'MinSizeRel' + ) + _values 'build type' ${build_types[@]} +} + +# ----------------- +# _cmake_generators +# ----------------- +(( $+functions[_cmake_generators] )) || +_cmake_generators() { + local generators; generators=( + 'Unix Makefiles' + 'Ninja' + 'CodeBlocks - Ninja' + 'CodeBlocks - Unix Makefiles' + 'Eclipse CDT4 - Ninja' + 'Eclipse CDT4 - Unix Makefiles' + 'KDevelop3' + 'KDevelop3 - Unix Makefiles' + 'Sublime Text 2 - Ninja' + 'Sublime Text 2 - Unix Makefiles' + ) + + _describe -t generators 'generator' generators +} + +# ---------------------- +# _cmake_toolchain_files +# ---------------------- +(( $+functions[_cmake_toolchain_files] )) || +_cmake_toolchain_files() { + _files -g '*\.cmake*' +} + +# --------------- +# _cmake_booleans +# --------------- +(( $+functions[_cmake_booleans] )) || +_cmake_booleans() { + local booleans; booleans=( + 'YES' + 'NO' + ) + _describe -t booleans 'boolean' booleans +} + +# --------------- +# _cmake_compilers +# --------------- +(( $+functions[_cmake_compilers] )) || +_cmake_compilers() { + _command_names -e +} + + +_cmake "$@" + diff --git a/dotfiles/zsh/completion/_composer b/dotfiles/zsh/completion/_composer new file mode 100644 index 0000000..f30360f --- /dev/null +++ b/dotfiles/zsh/completion/_composer @@ -0,0 +1,76 @@ +#compdef composer +# ------------------------------------------------------------------------------ +# Copyright (c) 2011 Github zsh-users - http://github.com/zsh-users +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the zsh-users nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL ZSH-USERS BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for composer (https://getcomposer.org/). +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Daniel Gomes (me@danielcsgomes.com) +# * Valerii Hiora (https://github.com/vhbit) +# * loranger (https://github.com/loranger) +# +# ------------------------------------------------------------------------------ + +local curcontext=$curcontext state line +declare -A opt_args + +_composer_get_command_list () { + composer --no-ansi | sed "1,/Available commands/d" | awk '/ [a-z]+/ { print $1 }' +} + +_composer_get_required_list () { + composer show -s --no-ansi | sed '1,/requires/d' | awk 'NF > 0 && !/^requires \(dev\)/{ print $1 }' +} + + +_composer () { + local curcontext="$curcontext" state line + typeset -A opt_args + + _arguments \ + '1: :->command'\ + '*: :->args' + if [ -f composer.json ]; then + case $state in + command) + compadd `_composer_get_command_list` + ;; + *) + compadd `_composer_get_required_list` + ;; + esac + else + compadd create-project init search selfupdate show + fi +} + +compdef _composer composer diff --git a/dotfiles/zsh/completion/_docker b/dotfiles/zsh/completion/_docker new file mode 100644 index 0000000..3215814 --- /dev/null +++ b/dotfiles/zsh/completion/_docker @@ -0,0 +1,514 @@ +#compdef docker +# +# zsh completion for docker (http://docker.com) +# +# version: 0.3.0 +# github: https://github.com/felixr/docker-zsh-completion +# +# contributors: +# - Felix Riedel +# - Vincent Bernat +# +# license: +# +# Copyright (c) 2013, Felix Riedel +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +__docker_get_containers() { + local kind expl + declare -a running stopped lines args + + kind=$1 + shift + [[ $kind = (stopped|all) ]] && args=($args -a) + + lines=(${(f)"$(_call_program commands docker ps ${args})"}) + + # Parse header line to find columns + local i=1 j=1 k header=${lines[1]} + declare -A begin end + while (( $j < ${#header} - 1 )) { + i=$(( $j + ${${header[$j,-1]}[(i)[^ ]]} - 1)) + j=$(( $i + ${${header[$i,-1]}[(i) ]} - 1)) + k=$(( $j + ${${header[$j,-1]}[(i)[^ ]]} - 2)) + begin[${header[$i,$(($j-1))]}]=$i + end[${header[$i,$(($j-1))]}]=$k + } + lines=(${lines[2,-1]}) + + # Container ID + local line + local s + for line in $lines; do + s="${line[${begin[CONTAINER ID]},${end[CONTAINER ID]}]%% ##}" + s="$s:${(l:15:: :::)${${line[${begin[CREATED]},${end[CREATED]}]/ ago/}%% ##}}" + s="$s, ${${${line[$begin[IMAGE],$end[IMAGE]]}/:/\\:}%% ##}" + if [[ ${line[${begin[STATUS]},${end[STATUS]}]} = Exit* ]]; then + stopped=($stopped $s) + else + running=($running $s) + fi + done + + # Names + local name + local -a names + for line in $lines; do + names=(${(ps:,:)${${line[${begin[NAMES]},-1]}%% *}}) + for name in $names; do + s="${name}:${(l:15:: :::)${${line[${begin[CREATED]},${end[CREATED]}]/ ago/}%% ##}}" + s="$s, ${${${line[$begin[IMAGE],$end[IMAGE]]}/:/\\:}%% ##}" + if [[ ${line[${begin[STATUS]},${end[STATUS]}]} = Exit* ]]; then + stopped=($stopped $s) + else + running=($running $s) + fi + done + done + + [[ $kind = (running|all) ]] && _describe -t containers-running "running containers" running + [[ $kind = (stopped|all) ]] && _describe -t containers-stopped "stopped containers" stopped +} + +__docker_stoppedcontainers() { + __docker_get_containers stopped "$@" +} + +__docker_runningcontainers() { + __docker_get_containers running "$@" +} + +__docker_containers () { + __docker_get_containers all "$@" +} + +__docker_images () { + local expl + declare -a images + images=(${${${${(f)"$(_call_program commands docker images)"}[2,-1]}/ ##/\\:}%% *}) + images=(${${images%\\:}#} ${${${(f)"$(_call_program commands docker images)"}[2,-1]}/(#b)([^ ]##) ##([^ ]##) ##([^ ]##)*/${match[3]}:${(r:15:: :::)match[2]} in ${match[1]}}) + _describe -t docker-images "images" images +} + +__docker_tags() { + local expl + declare -a tags + tags=(${${${${${(f)"$(_call_program commands docker images)"}#* }## #}%% *}[2,-1]}) + _describe -t docker-tags "tags" tags +} + +__docker_repositories_with_tags() { + if compset -P '*:'; then + __docker_tags + else + __docker_repositories -qS ":" + fi +} + +__docker_search() { + # declare -a dockersearch + local cache_policy + zstyle -s ":completion:${curcontext}:" cache-policy cache_policy + if [[ -z "$cache_policy" ]]; then + zstyle ":completion:${curcontext}:" cache-policy __docker_caching_policy + fi + + local searchterm cachename + searchterm="${words[$CURRENT]%/}" + cachename=_docker-search-$searchterm + + local expl + local -a result + if ( [[ ${(P)+cachename} -eq 0 ]] || _cache_invalid ${cachename#_} ) \ + && ! _retrieve_cache ${cachename#_}; then + _message "Searching for ${searchterm}..." + result=(${${${(f)"$(_call_program commands docker search ${searchterm})"}%% *}[2,-1]}) + _store_cache ${cachename#_} result + fi + _wanted dockersearch expl 'available images' compadd -a result +} + +__docker_caching_policy() +{ + oldp=( "$1"(Nmh+1) ) # 1 hour + (( $#oldp )) +} + + +__docker_repositories () { + local expl + declare -a repos + repos=(${${${(f)"$(_call_program commands docker images)"}%% *}[2,-1]}) + _describe -t docker-repos "repositories" repos "$@" +} + +__docker_commands () { + # local -a _docker_subcommands + local cache_policy + + zstyle -s ":completion:${curcontext}:" cache-policy cache_policy + if [[ -z "$cache_policy" ]]; then + zstyle ":completion:${curcontext}:" cache-policy __docker_caching_policy + fi + + if ( [[ ${+_docker_subcommands} -eq 0 ]] || _cache_invalid docker_subcommands) \ + && ! _retrieve_cache docker_subcommands; + then + local -a lines + lines=(${(f)"$(_call_program commands docker 2>&1)"}) + _docker_subcommands=(${${${lines[$((${lines[(i)Commands:]} + 1)),${lines[(I) *]}]}## #}/ ##/:}) + _docker_subcommands=($_docker_subcommands 'help:Show help for a command') + _store_cache docker_subcommands _docker_subcommands + fi + _describe -t docker-commands "docker command" _docker_subcommands +} + +__docker_subcommand () { + local -a _command_args + case "$words[1]" in + (attach) + _arguments \ + '--no-stdin[Do not attach stdin]' \ + '--sig-proxy[Proxy all received signals to the process (non-TTY mode only)]' \ + ':containers:__docker_runningcontainers' + ;; + (build) + _arguments \ + {-f,--file=-}'[Dockerfile to use]:Dockerfile:_files' \ + '--force-rm[Always remove intermediate containers]' \ + '--no-cache[Do not use cache when building the image]' \ + '--pull[Attempt to pull a newer version of the image]' \ + {-q,--quiet}'[Suppress verbose build output]' \ + '--rm[Remove intermediate containers after a successful build]' \ + {-t,--tag=-}'[Repository, name and tag to be applied]:repository:__docker_repositories_with_tags' \ + ':path or URL:_directories' + ;; + (commit) + _arguments \ + {-a,--author=-}'[Author]:author: ' \ + {-m,--message=-}'[Commit message]:message: ' \ + {-p,--pause}'[Pause container during commit]' \ + ':container:__docker_containers' \ + ':repository:__docker_repositories_with_tags' + ;; + (cp) + _arguments \ + ':container:->container' \ + ':hostpath:_files' + case $state in + (container) + if compset -P '*:'; then + _files + else + __docker_containers -qS ":" + fi + ;; + esac + ;; + (diff|export) + _arguments '*:containers:__docker_containers' + ;; + (events) + _arguments \ + '*'{-f,--filter=-}'[Filter values]:filter: ' \ + '--since=-[Events created since this timestamp]:timestamp: ' \ + '--until=-[Events created until this timestamp]:timestamp: ' + ;; + (exec) + local state ret + _arguments \ + {-d,--detach}'[Detached mode: leave the container running in the background]' \ + {-i,--interactive}'[Keep stdin open even if not attached]' \ + {-t,--tty}'[Allocate a pseudo-tty]' \ + ':containers:__docker_runningcontainers' \ + '*::command:->anycommand' && ret=0 + + case $state in + (anycommand) + shift 1 words + (( CURRENT-- )) + _normal + ;; + esac + + return ret + ;; + (history) + _arguments \ + '--no-trunc[Do not truncate output]' \ + {-q,--quiet}'[Only show numeric IDs]' \ + '*:images:__docker_images' + ;; + (images) + _arguments \ + {-a,--all}'[Show all images]' \ + '*'{-f,--filter=-}'[Filter values]:filter: ' \ + '--no-trunc[Do not truncate output]' \ + {-q,--quiet}'[Only show numeric IDs]' \ + ':repository:__docker_repositories' + ;; + (inspect) + _arguments \ + {-f,--format=-}'[Format the output using the given go template]:template: ' \ + '*:containers:__docker_containers' + ;; + (import) + _arguments \ + ':URL:(- http:// file://)' \ + ':repository:__docker_repositories_with_tags' + ;; + (info) + ;; + (import) + _arguments \ + ':URL:(- http:// file://)' \ + ':repository:__docker_repositories_with_tags' + ;; + (insert) + _arguments '1:containers:__docker_containers' \ + '2:URL:(http:// file://)' \ + '3:file:_files' + ;; + (kill) + _arguments \ + {-s,--signal=-}'[Signal to send]:signal:_signals' \ + '*:containers:__docker_runningcontainers' + ;; + (load) + _arguments \ + {-i,--input=-}'[Read from tar archive file]:archive file:_files -g "*.((tar|TAR)(.gz|.GZ|.Z|.bz2|.lzma|.xz|)|(tbz|tgz|txz))(-.)"' + ;; + (login) + _arguments \ + {-e,--email=-}'[Email]:email: ' \ + {-p,--password=-}'[Password]:password: ' \ + {-u,--user=-}'[Username]:username: ' \ + ':server: ' + ;; + (logout) + _arguments \ + ':server: ' + ;; + (logs) + _arguments \ + {-f,--follow}'[Follow log output]' \ + {-t,--timestamps}'[Show timestamps]' \ + '--tail=-[Output the last K lines]:lines:(1 10 20 50 all)' \ + '*:containers:__docker_containers' + ;; + (port) + _arguments \ + '1:containers:__docker_runningcontainers' \ + '2:port:_ports' + ;; + (pause|unpause) + _arguments \ + '1:containers:__docker_runningcontainers' + ;; + (start) + _arguments \ + {-a,--attach}'[Attach container'"'"'s stdout/stderr and forward all signals]' \ + {-i,--interactive}'[Attach container'"'"'s stding]' \ + '*:containers:__docker_stoppedcontainers' + ;; + (stats) + _arguments \ + '*:containers:__docker_runningcontainers' + ;; + (rm) + _arguments \ + {-f,--force}'[Force removal]' \ + {-l,--link}'[Remove the specified link and not the underlying container]' \ + {-v,--volumes}'[Remove the volumes associated to the container]' \ + '*:containers:__docker_stoppedcontainers' + ;; + (rmi) + _arguments \ + {-f,--force}'[Force removal]' \ + '--no-prune[Do not delete untagged parents]' \ + '*:images:__docker_images' + ;; + (restart|stop) + _arguments \ + {-t,--time=-}'[Number of seconds to try to stop for before killing the container]:seconds to before killing:(1 5 10 30 60)' \ + '*:containers:__docker_runningcontainers' + ;; + (top) + _arguments \ + '1:containers:__docker_runningcontainers' \ + '(-)*:: :->ps-arguments' + case $state in + (ps-arguments) + _ps + ;; + esac + + ;; + (ps) + _arguments \ + {-a,--all}'[Show all containers]' \ + '--before=-[Show only container created before...]:containers:__docker_containers' \ + '*'{-f,--filter=-}'[Filter values]:filter: ' \ + {-l,--latest}'[Show only the latest created container]' \ + '-n[Show n last created containers, include non-running one]:n:(1 5 10 25 50)' \ + '--no-trunc[Do not truncate output]' \ + {-q,--quiet}'[Only show numeric IDs]' \ + {-s,--size}'[Display total file sizes]' \ + '--since=-[Show only containers created since...]:containers:__docker_containers' + ;; + (tag) + _arguments \ + {-f,--force}'[force]'\ + ':image:__docker_images'\ + ':repository:__docker_repositories_with_tags' + ;; + (create|run) + _arguments \ + {-a,--attach}'[Attach to stdin, stdout or stderr]' \ + '*--add-host=-[Add a custom host-to-IP mapping]:host\:ip mapping: ' \ + {-c,--cpu-shares=-}'[CPU shares (relative weight)]:CPU shares:(0 10 100 200 500 800 1000)' \ + '*--cap-add=-[Add Linux capabilities]:capability: ' \ + '*--cap-drop=-[Drop Linux capabilities]:capability: ' \ + '--cidfile=-[Write the container ID to the file]:CID file:_files' \ + '--cpuset=-[CPUs in which to allow execution]:CPU set: ' \ + {-d,--detach}'[Detached mode: leave the container running in the background]' \ + '*--device=-[Add a host device to the container]:device:_files' \ + '*--dns=-[Set custom dns servers]:dns server: ' \ + '*--dns-search=-[Set custom DNS search domains]:dns domains: ' \ + '*'{-e,--environment=-}'[Set environment variables]:environment variable: ' \ + '--entrypoint=-[Overwrite the default entrypoint of the image]:entry point: ' \ + '*--env-file=-[Read environment variables from a file]:environment file:_files' \ + '*--expose=-[Expose a port from the container without publishing it]: ' \ + {-h,--hostname=-}'[Container host name]:hostname:_hosts' \ + {-i,--interactive}'[Keep stdin open even if not attached]' \ + '*--link=-[Add link to another container]:link:->link' \ + '*--lxc-conf=-[Add custom lxc options]:lxc options: ' \ + '-m[Memory limit (in bytes)]:limit: ' \ + '--name=-[Container name]:name: ' \ + '--net=-[Network mode]:network mode:(bridge none container host)' \ + {-P,--publish-all}'[Publish all exposed ports]' \ + '*'{-p,--publish=-}'[Expose a container'"'"'s port to the host]:port:_ports' \ + '--privileged[Give extended privileges to this container]' \ + '--restart=-[Restart policy]:restart policy:(no on-failure always)' \ + '--rm[Remove intermediate containers when it exits]' \ + '*--security-opt=-[Security options]:security option: ' \ + '--sig-proxy[Proxy all received signals to the process (non-TTY mode only)]' \ + {-t,--tty}'[Allocate a pseudo-tty]' \ + {-u,--user=-}'[Username or UID]:user:_users' \ + '*-v[Bind mount a volume]:volume: '\ + '*--volumes-from=-[Mount volumes from the specified container]:volume: ' \ + {-w,--workdir=-}'[Working directory inside the container]:directory:_directories' \ + '(-):images:__docker_images' \ + '(-):command: _command_names -e' \ + '*::arguments: _normal' + + case $state in + (link) + if compset -P '*:'; then + _wanted alias expl 'Alias' compadd -E "" + else + __docker_runningcontainers -qS ":" + fi + ;; + esac + + ;; + (pull) + _arguments \ + {-a,--all-tags}'[Download all tagged images]' \ + ':name:__docker_search' + ;; + (push) + _arguments ':images:__docker_images' + ;; + (rename) + _arguments \ + ':old name:__docker_containers' \ + ':new name: ' + ;; + (save) + _arguments \ + {-o,--output=-}'[Write to file]:file:_files' \ + '*:images:__docker_images' + ;; + (search) + _arguments \ + '--automated[Only show automated builds]' \ + '--no-trunc[Do not truncate output]' \ + {-s,--stars=-}'[Only display with at least X stars]:stars:(0 10 100 1000)' \ + ':term: ' + ;; + (wait) + _arguments '*:containers:__docker_runningcontainers' + ;; + (help) + _arguments ':subcommand:__docker_commands' + ;; + (*) + _message 'Unknown sub command' + esac + +} + +_docker () { + # Support for subservices, which allows for `compdef _docker docker-shell=_docker_containers`. + # Based on /usr/share/zsh/functions/Completion/Unix/_git without support for `ret`. + if [[ $service != docker ]]; then + _call_function - _$service + return + fi + + local curcontext="$curcontext" state line + typeset -A opt_args + + _arguments -C \ + '-H[tcp://host:port to bind/connect to]:socket: ' \ + '(-): :->command' \ + '(-)*:: :->option-or-argument' + + if (( CURRENT == 1 )); then + + fi + case $state in + (command) + __docker_commands + ;; + (option-or-argument) + curcontext=${curcontext%:*:*}:docker-$words[1]: + __docker_subcommand + ;; + esac +} + +_docker "$@" + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 4 +# indent-tabs-mode: nil +# sh-basic-offset: 4 +# End: +# vim: ft=zsh sw=4 ts=4 et diff --git a/dotfiles/zsh/completion/_hub b/dotfiles/zsh/completion/_hub new file mode 100644 index 0000000..df09ace --- /dev/null +++ b/dotfiles/zsh/completion/_hub @@ -0,0 +1,160 @@ +#compdef hub + +# Zsh will source this file when attempting to autoload the "_hub" function, +# typically on the first attempt to complete the hub command. We define two new +# setup helper routines (one for the zsh-distributed version, one for the +# git-distributed, bash-based version). Then we redefine the "_hub" function to +# call "_git" after some other interception. +# +# This is pretty fragile, if you think about it. Any number of implementation +# changes in the "_git" scripts could cause problems down the road. It would be +# better if the stock git completions were just a bit more permissive about how +# it allowed third-party commands to be added. + +(( $+functions[__hub_setup_zsh_fns] )) || +__hub_setup_zsh_fns () { + (( $+functions[_git-alias] )) || + _git-alias () { + _arguments \ + '-s[output shell script suitable for eval]' \ + '1::shell:(zsh bash csh)' + } + + (( $+functions[_git-browse] )) || + _git-browse () { + _arguments \ + '-u[output the URL]' \ + '2::subpage:(wiki commits issues)' + } + + (( $+functions[_git-compare] )) || + _git-compare () { + _arguments \ + '-u[output the URL]' \ + ':[start...]end range:' + } + + (( $+functions[_git-create] )) || + _git-create () { + _arguments \ + '::name (REPOSITORY or ORGANIZATION/REPOSITORY):' \ + '-p[make repository private]' \ + '-d[description]:description' \ + '-h[home page]:repository home page URL:_urls' + } + + (( $+functions[_git-fork] )) || + _git-fork () { + _arguments \ + '--no-remote[do not add a remote for the new fork]' + } + + (( $+functions[_git-pull-request] )) || + _git-pull-request () { + _arguments \ + '-f[force (skip check for local commits)]' \ + '-b[base]:base ("branch", "owner\:branch", "owner/repo\:branch"):' \ + '-h[head]:head ("branch", "owner\:branch", "owner/repo\:branch"):' \ + - set1 \ + '-m[message]' \ + '-F[file]' \ + - set2 \ + '-i[issue]:issue number:' \ + - set3 \ + '::issue-url:_urls' + } + + # stash the "real" command for later + functions[_hub_orig_git_commands]=$functions[_git_commands] + + # Replace it with our own wrapper. + declare -f _git_commands >& /dev/null && unfunction _git_commands + _git_commands () { + local ret=1 + # call the original routine + _call_function ret _hub_orig_git_commands + + # Effectively "append" our hub commands to the behavior of the original + # _git_commands function. Using this wrapper function approach ensures + # that we only offer the user the hub subcommands when the user is + # actually trying to complete subcommands. + hub_commands=( + alias:'show shell instructions for wrapping git' + pull-request:'open a pull request on GitHub' + fork:'fork origin repo on GitHub' + create:'create new repo on GitHub for the current project' + browse:'browse the project on GitHub' + compare:'open GitHub compare view' + ci-status:'lookup commit in GitHub Status API' + ) + _describe -t hub-commands 'hub command' hub_commands && ret=0 + + return ret + } +} + +(( $+functions[__hub_setup_bash_fns] )) || +__hub_setup_bash_fns () { + # TODO more bash-style fns needed here to complete subcommand args. They take + # the form "_git_CMD" where "CMD" is something like "pull-request". + + # Duplicate and rename the 'list_all_commands' function + eval "$(declare -f __git_list_all_commands | \ + sed 's/__git_list_all_commands/__git_list_all_commands_without_hub/')" + + # Wrap the 'list_all_commands' function with extra hub commands + __git_list_all_commands() { + cat <<-EOF +alias +pull-request +fork +create +browse +compare +ci-status +EOF + __git_list_all_commands_without_hub + } + + # Ensure cached commands are cleared + __git_all_commands="" +} + +# redefine _hub to a much smaller function in the steady state +_hub () { + # only attempt to intercept the normal "_git" helper functions once + (( $+__hub_func_replacement_done )) || + () { + # At this stage in the shell's execution the "_git" function has not yet + # been autoloaded, so the "_git_commands" or "__git_list_all_commands" + # functions will not be defined. Call it now (with a bogus no-op service + # to prevent premature completion) so that we can wrap them. + if declare -f _git >& /dev/null ; then + _hub_noop () { __hub_zsh_provided=1 } # zsh-provided will call this one + __hub_noop_main () { __hub_git_provided=1 } # git-provided will call this one + local service=hub_noop + _git + unfunction _hub_noop + unfunction __hub_noop_main + service=git + fi + + if (( $__hub_zsh_provided )) ; then + __hub_setup_zsh_fns + elif (( $__hub_git_provided )) ; then + __hub_setup_bash_fns + fi + + __hub_func_replacement_done=1 + } + + # Now perform the actual completion, allowing the "_git" function to call our + # replacement "_git_commands" function as needed. Both versions expect + # service=git or they will call nonexistent routines or end up in an infinite + # loop. + service=git + declare -f _git >& /dev/null && _git +} + +# make sure we actually attempt to complete on the first "tab" from the user +_hub diff --git a/dotfiles/zsh/completion/_knife b/dotfiles/zsh/completion/_knife new file mode 100644 index 0000000..7f8c95e --- /dev/null +++ b/dotfiles/zsh/completion/_knife @@ -0,0 +1,174 @@ +#compdef knife + +# These flags should be available everywhere according to man knife +knife_general_flags=( --help --server-url --key --config --editor --format --log_level --logfile --no-editor --user --print-after --version --yes ) + +# knife has a very special syntax, some example calls are: +# knife status +# knife cookbook list +# knife role show ROLENAME +# knife data bag show DATABAGNAME +# knife role show ROLENAME --attribute ATTRIBUTENAME +# knife cookbook show COOKBOOKNAME COOKBOOKVERSION recipes + +# The -Q switch in compadd allow for completions of things like "data bag" without having to go through two rounds of completion and avoids zsh inserting a \ for escaping spaces +_knife() { + local curcontext="$curcontext" state line + typeset -A opt_args + cloudproviders=(bluebox ec2 rackspace slicehost terremark) + _arguments \ + '1: :->knifecmd'\ + '2: :->knifesubcmd'\ + '3: :->knifesubcmd2' \ + '4: :->knifesubcmd3' \ + '5: :->knifesubcmd4' \ + '6: :->knifesubcmd5' + + case $state in + knifecmd) + compadd -Q "$@" bootstrap client configure cookbook "cookbook site" "data bag" exec index node recipe role search ssh status windows $cloudproviders + ;; + knifesubcmd) + case $words[2] in + (bluebox|ec2|rackspace|slicehost|terremark) + compadd "$@" server images + ;; + client) + compadd -Q "$@" "bulk delete" list create show delete edit reregister + ;; + configure) + compadd "$@" client + ;; + cookbook) + compadd -Q "$@" test list create download delete "metadata from" show "bulk delete" metadata upload + ;; + node) + compadd -Q "$@" "from file" create show edit delete list run_list "bulk delete" + ;; + recipe) + compadd "$@" list + ;; + role) + compadd -Q "$@" "bulk delete" create delete edit "from file" list show + ;; + windows) + compadd "$@" bootstrap + ;; + *) + _arguments '2:Subsubcommands:($(_knife_options1))' + esac + ;; + knifesubcmd2) + case $words[3] in + server) + compadd "$@" list create delete + ;; + images) + compadd "$@" list + ;; + site) + compadd "$@" vendor show share search download list unshare + ;; + (show|delete|edit) + _arguments '3:Subsubcommands:($(_chef_$words[2]s_remote))' + ;; + (upload|test) + _arguments '3:Subsubcommands:($(_chef_$words[2]s_local) --all)' + ;; + list) + compadd -a "$@" knife_general_flags + ;; + bag) + compadd -Q "$@" show edit list "from file" create delete + ;; + *) + _arguments '3:Subsubcommands:($(_knife_options2))' + esac + ;; + knifesubcmd3) + case $words[3] in + show) + case $words[2] in + cookbook) + versioncomp=1 + _arguments '4:Cookbookversions:($(_cookbook_versions) latest)' + ;; + (node|client|role) + compadd "$@" --attribute + esac + esac + case $words[4] in + (show|edit) + _arguments '4:Subsubsubcommands:($(_chef_$words[2]_$words[3]s_remote))' + ;; + file) + _arguments '*:file or directory:_files -g "*.(rb|json)"' + ;; + list) + compadd -a "$@" knife_general_flags + ;; + *) + _arguments '*:Subsubcommands:($(_knife_options3))' + esac + ;; + knifesubcmd4) + if (( versioncomp > 0 )); then + compadd "$@" attributes definitions files libraries providers recipes resources templates + else + _arguments '*:Subsubcommands:($(_knife_options2))' + fi + ;; + knifesubcmd5) + _arguments '*:Subsubcommands:($(_knife_options3))' + esac +} + +# Helper functions to provide the argument completion for several depths of commands +_knife_options1() { + ( for line in $( knife $words[2] --help | grep -v "^knife" ); do echo $line | grep "\-\-"; done ) +} + +_knife_options2() { + ( for line in $( knife $words[2] $words[3] --help | grep -v "^knife" ); do echo $line | grep "\-\-"; done ) +} + +_knife_options3() { + ( for line in $( knife $words[2] $words[3] $words[4] --help | grep -v "^knife" ); do echo $line | grep "\-\-"; done ) +} + +# The chef_x_remote functions use knife to get a list of objects of type x on the server +_chef_roles_remote() { + (knife role list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +_chef_clients_remote() { + (knife client list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +_chef_nodes_remote() { + (knife node list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +_chef_cookbooks_remote() { + (knife cookbook list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +_chef_sitecookbooks_remote() { + (knife cookbook site list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +_chef_data_bags_remote() { + (knife data bag list | grep \" | awk '{print $1}' | awk -F"," '{print $1}' | awk -F"\"" '{print $2}') +} + +# The chef_x_local functions use the knife config to find the paths of relevant objects x to be uploaded to the server +_chef_cookbooks_local() { + (for i in $( grep cookbook_path $HOME/.chef/knife.rb | awk 'BEGIN {FS = "[" }; {print $2}' | sed 's/\,//g' | sed "s/'//g" | sed 's/\(.*\)]/\1/' ); do ls $i; done) +} + +# This function extracts the available cookbook versions on the chef server +_cookbook_versions() { + (knife cookbook show $words[4] | grep -v $words[4] | grep -v -E '\]|\[|\{|\}' | sed 's/ //g' | sed 's/"//g') +} + +_knife "$@" diff --git a/dotfiles/zsh/completion/_node b/dotfiles/zsh/completion/_node new file mode 100644 index 0000000..f9ef3c7 --- /dev/null +++ b/dotfiles/zsh/completion/_node @@ -0,0 +1,66 @@ +#compdef node +# ------------------------------------------------------------------------------ +# Copyright (c) 2011 Github zsh-users - http://github.com/zsh-users +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the zsh-users nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL ZSH-USERS BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for Node.js v0.8.4 (http://nodejs.org) +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Mario Fernandez (https://github.com/sirech) +# * Nicholas Penree (https://github.com/drudge) +# +# ------------------------------------------------------------------------------ + +local curcontext="$curcontext" state line ret=1 +typeset -A opt_args + +_arguments -C \ + '(- 1 *)--help[print options help]' \ + '(- 1 *)'{-v,--version}'[print node version]' \ + '(--no-deprecation)--no-deprecation[silence deprecation warnings]' \ + '(--trace-deprecation)--trace-deprecation[show stack traces on deprecations]' \ + '(- 1 *)--v8-options[print v8 command line options]' \ + '(--max-stack-size)--max-stack-size=[set max v8 stack size (bytes)]' \ + '(-e --eval)'{-e,--eval}'[evaluate script]:Inline Script' \ + '(-i --interactive)'{-i,--interactive}'[always enter the REPL even if stdin does not appear to be a terminal]' \ + '(-p --print)'{-p,--print}'[print result of --eval]' \ + '(--vars)--vars[print various compiled-in variables]' \ + '*:JS Script:_files -g "*.js"' && ret=0 + +return ret + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 2 +# indent-tabs-mode: nil +# sh-basic-offset: 2 +# End: +# vim: ft=zsh sw=2 ts=2 et diff --git a/dotfiles/zsh/completion/_nvm b/dotfiles/zsh/completion/_nvm new file mode 100644 index 0000000..2f6acc5 --- /dev/null +++ b/dotfiles/zsh/completion/_nvm @@ -0,0 +1,85 @@ +#compdef nvm +# ------------------------------------------------------------------------------ +# Description +# ----------- +# +# Completion script for nvm (https://github.com/creationix/nvm). +# +# ------------------------------------------------------------------------------ +# Authors +# ------- +# +# * Changwoo Park (https://github.com/pismute) +# +# ------------------------------------------------------------------------------ + +local curcontext="$curcontext" state line ret=1 + +local -a _1st_arguments +_1st_arguments=( + 'help:Show this message' + 'install:Download and install a ' + 'uninstall:Uninstall a ' + 'use:Modify PATH to use ' + 'run:Run with as arguments' + 'ls:List installed [versions]' + 'ls-remote:List remote versions available for install' + 'deactivate:Undo effects of NVM on current shell' + 'alias:Set an alias named pointing to . Show all aliases beginning with [].' + 'unalias:Deletes the alias named ' + 'copy-packages:Install global NPM packages contained in to current version' + 'clear-cache:Clear cache' + 'version:Show current node version' +) + +_arguments -C \ + '1: :->cmds' \ + '*: :->args' && ret=0 + +__nvm_aliases(){ + local aliases + aliases="" + if [ -d $NVM_DIR/alias ]; then + aliases="`cd $NVM_DIR/alias && ls`" + fi + echo "${aliases}" +} + +__nvm_versions(){ + echo "$(nvm_ls) $(__nvm_aliases)" +} + +case $state in + cmds) + _describe -t commands 'nvm command' _1st_arguments && ret=0 + ;; + + args) + case $words[2] in + (use|run|ls|list|install|uninstall|copy-packages) + + _values 'version' $(__nvm_versions) && ret=0 + ;; + + (alias|unalias) + + _values 'aliases' $(__nvm_aliases) && ret=0 + ;; + + *) + (( ret )) && _message 'no more arguments' + ;; + + esac + ;; +esac + +return ret + +# Local Variables: +# mode: Shell-Script +# sh-indentation: 2 +# indent-tabs-mode: nil +# sh-basic-offset: 2 +# End: +# vim: ft=zsh sw=2 ts=2 et diff --git a/dotfiles/zsh/completion/_openssl b/dotfiles/zsh/completion/_openssl new file mode 100644 index 0000000..1c48650 --- /dev/null +++ b/dotfiles/zsh/completion/_openssl @@ -0,0 +1,1695 @@ +#compdef openssl +# ------------------------------------------------------------------------------ +# Copyright (c) 2011 Github zsh-users - http://github.com/zsh-users +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# * Neither the name of the zsh-users nor the +# names of its contributors may be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +# DISCLAIMED. IN NO EVENT SHALL ZSH-USERS BE LIABLE FOR ANY +# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# ------------------------------------------------------------------------------ + +# openssl command [ command_opts ] [ command_args ] +# pseudo commands: +# openssl [ list-standard-commands | list-message-digest-commands | list-cipher-commands | list-cipher-algorithms | list-message-digest-algorithms | list-public-key-algorithms] + +_openssl() { + local openssl_commands cmd cmds + if [[ "$CURRENT" -lt 2 ]]; then + # I do not think this can happen... + return + elif [[ "$CURRENT" -eq 2 ]]; then + # first parameter, the command + openssl_commands=(${(f)"$(openssl list-standard-commands; \ + openssl list-message-digest-commands; \ + openssl list-cipher-commands)"} \ + list-standard-commands \ + list-message-digest-commands \ + list-cipher-commands \ + list-cipher-algorithms \ + list-message-digest-algorithms \ + list-public-key-algorithms) + _describe 'openssl commands' openssl_commands + else + # $CURRENT -gt 2 + cmd="${words[2]}" + # Note: we could use ${(k)functions} to get a list of all functions and + # filter those that start with _openssl_ + # but that would mean defining a new function *somewhere* might mess with + # the completion... + cmds=(asn1parse ca ciphers cms crl crl2pkcs7 dgst dh dhparam dsa dsaparam \ + ec ecparam enc engine errstr gendh gendsa genpkey genrsa nseq ocsp \ + passwd pkcs12 pkcs7 pkcs8 pkey pkeyparam pkeyutl prime rand req rsa \ + rsautl s_client s_server s_time sess_id smime speed spkac srp ts \ + verify version x509) + # check if $cmd is in $cmds, the list of supported commands + if [[ "${cmds[(r)$cmd]}" == "${cmd}" ]]; then + # we should be able to complete $cmd + # run _openssl_$cmd with the remaining words from the command line + shift words + (( CURRENT-- )) + _openssl_${cmd} + elif [[ "${${(@f)"$(openssl list-cipher-commands)"}[(r)$cmd]}" == "${cmd}" ]]; then + # $cmd is a cipher command, which is practically an alias to enc + shift words + (( CURRENT-- )) + _openssl_enc + elif [[ "${${(@f)"$(openssl list-message-digest-commands)"}[(r)$cmd]}" == "${cmd}" ]]; then + # $cmd is a message digest command, which is practically an alias to dgst + shift words + (( CURRENT-- )) + _openssl_dgst + fi + fi +} + + +_openssl_asn1parse() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format - one of DER PEM]:format:(DER PEM)' \ + '-in[input file]:file:_files' \ + '-out[output file (output format is always DER]:file:_files' \ + "-noout[don't produce any output]" \ + '-offset[offset into file]:number: ' \ + '-length[length of section in file]:number: ' \ + '-i[indent entries]' \ + '-dump[dump unknown data in hex form]' \ + '-dlimit[dump the first arg bytes of unknown data in hex form]:number: ' \ + '-oid[file of extra oid definitions]:file:_files' \ + "-strparse[a series of these can be used to 'dig' into multiple ASN1 blob wrappings]:offset:" \ + '-genstr[string to generate ASN1 structure from]:str:' \ + '-genconf[file to generate ASN1 structure from]:file:_files' +} + + +_openssl_ca() { + # written for openssl 1.0.1k + _arguments -C \ + '-verbose[talk alot while doing things]' \ + '-config[a config file]:file:_files' \ + '-name[the particular CA definition to use]:section: ' \ + '-gencrl[generate a new CRL]' \ + '-crldays[days is when the next CRL is due]:days: ' \ + '-crlhours[hours is when the next CRL is due]:hours: ' \ + '-startdate[certificate validity notBefore]:date: ' \ + '-enddate[certificate validity notAfter (overrides -days)]:date: ' \ + '-days[number of days to certify the certificate for]:days: ' \ + '-md[md to use, one of md2, md5, sha or sha1]:alg:(md2 md5 sha sha1)' \ + "-policy[the CA 'policy' to support]:policy: " \ + '-keyfile[private key file]:file:_files' \ + '-keyform[private key file format (PEM or ENGINE)]:format:(PEM ENGINE)' \ + '-key[key to decode the private key if it is encrypted]:password: ' \ + '-cert[the CA certificate]:file:_files' \ + '-selfsign[sign a certificate with the key associated with it]' \ + '-in[the input PEM encoded certificate request(s)]:file:_files' \ + '-out[where to put the output file(s)]:file:_files' \ + '-outdir[where to put output certificates]:dir:_files -/' \ + '-infiles[the last argument, requests to process]:*:files:_files' \ + '-spkac[file contains DN and signed public key and challenge]:file:_files' \ + '-ss_cert[file contains a self signed cert to sign]:file:_files' \ + "-preserveDN[don't re-order the DN]" \ + "-noemailDN[don't add the EMAIL field into certificate' subject]" \ + "-batch[don't ask questions]" \ + '-msie_hack[msie modifications to handle all those universal strings]' \ + '-revoke[revoke a certificate (given in file)]:file:_files' \ + "-subj[use arg instead of request's subject]:subject: " \ + '-utf8[input characters are UTF8 (default ASCII)]' \ + '-multivalue-rdn[enable support for multivalued RDNs]' \ + '-extensions[extension section (override value in config file)]:section: ' \ + '-extfile[configuration file with X509v3 extentions to add]:file:_files' \ + '-crlexts[CRL extension section (override value in config file)]:section: ' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-status[shows certificate status given the serial number]:serial: ' \ + '-updatedb[updates db for expired certificates]' +} + + +_openssl_ciphers() { + # written for openssl 1.0.1k + _arguments -C \ + '-v[verbose mode, a textual listing of the SSL/TLS ciphers in OpenSSL]' \ + '-V[even more verbose]' \ + '-ssl2[SSL2 mode]' \ + '-ssl3[SSL3 mode]' \ + '-tls1[TLS1 mode]' \ + ':cipher suite:_list_ciphers' +} + + +_openssl_cms() { + # written for openssl 1.0.1k + _arguments -C \ + '-encrypt[encrypt message]' \ + '-decrypt[decrypt encrypted message]' \ + '-sign[sign message]' \ + '-verify[verify signed message]' \ + '-cmsout[output CMS structure]' \ + '-des3[encrypt with triple DES]' \ + '-des[encrypt with DES]' \ + '-seed[encrypt with SEED]' \ + '-rc2-40[encrypt with RC2-40 (default)]' \ + '-rc2-64[encrypt with RC2-64]' \ + '-rc2-128[encrypt with RC2-128]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + "-nointern[don't search certificates in message for signer]" \ + "-nosigs[don't verify message signature]" \ + "-noverify[don't verify signers certificate]" \ + "-nocerts[don't include signers certificate when signing]" \ + '-nodetach[use opaque signing]' \ + "-noattr[don't include any signed attributes]" \ + "-binary[don't translate message to text]" \ + '-certfile[other certificates file]:file:_files' \ + '-certsout[certificate output file]:file:_files' \ + '-signer[signer certificate file]:file:_files' \ + '-recip[recipient certificate file for decryption]:file:_files' \ + '-keyid[use subject key identifier]' \ + '-in[input file]:file:_files' \ + '-inform[input format SMIME (default), PEM or DER]:format:(SMIME PEM DER)' \ + '-inkey[input private key (if not signer or recipient)]:file:_files' \ + '-keyform[input private key format (PEM or ENGINE)]:format:(PEM ENGINE)' \ + '-out[output file]:file:_files' \ + '-outform[output format SMIME (default), PEM or DER]:format:(SMIME PEM DER)' \ + '-content[supply or override content for detached signature]:file:_files' \ + '-to[to address mail head]:address: ' \ + '-from[from address mail head]:address: ' \ + '-subject[subject mail head]:subject: ' \ + '-text[include or delete text MIME headers]' \ + '-CApath[trusted certificates directory]:dir:_files -/' \ + '-CAfile[trusted certificates file]:file:_files' \ + "-crl_check[check revocation status of signer's certificate using CRLs]" \ + "-crl_check_all[check revocation status of signer's certificate chain using CRLs]" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '*:certificate:_files' +} + + +_openssl_crl() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format - default PEM (DER or PEM)]:format:(PEM DER)' \ + '-outform[output format - default PEM]:format:(PEM DER)' \ + '-text[print out a text format version]' \ + '-in[input file - default stdin]:file:_files' \ + '-out[output file - default stdout]:file:_files' \ + '-hash[print hash value]' \ + '-hash_old[print old-style (MD5) hash value]' \ + '-fingerprint[print the crl fingerprint]' \ + '-issuer[print issuer DN]' \ + '-lastupdate[print lastUpdate field]' \ + '-nextupdate[print nextUpdate field]' \ + '-crlnumber[print CRL number]' \ + '-noout[no CRL output]' \ + '-CAfile[verify CRL using certificates in the specified file]:file:_files' \ + '-CApath[verify CRL using certificates in the specified directory]:dir:_files -/' \ + '*-nameopt[various certificate name options]:options:_nameopts' +} + + +_openssl_crl2pkcs7() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format - DER or PEM]:format:(PEM DER)' \ + '-outform[output format - DER or PEM]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-certfile[certificates file of chain to a trusted CA (can be used more than once)]:file:_files' \ + "-nocrl[no crl to load, just certs from '-certfile']" +} + + +_openssl_dgst() { + # written for openssl 1.0.1k + local digests + digests=(-dss1 -md4 -md5 -mdc2 -ripemd160 -sha -sha1 -sha224 -sha256 -sha384 -sha512 -whirlpool) + # -hmac is listed twice because it's documented twice by openssl + _arguments -C -A '-*' \ + '(-r -hex -binary)-c[to output the digest with separating colons]' \ + '(-c -hex -binary)-r[to output the digest in coreutils format]' \ + '-d[to output debug info]' \ + '(-c -r -binary)-hex[output as hex dump]' \ + '(-c -r -hex)-binary[output in binary form]' \ + '-hmac[set the HMAC key to arg]:key: ' \ + '-non-fips-allow[allow use of non FIPS digest]' \ + '-sign[sign digest using private key in the specified file]:file:_files' \ + '-verify[verify a signature using public key in the specified file]:file:_files' \ + '-prverify[verify a signature using private key in the specified file]:file:_files' \ + '-keyform[key file format (PEM or ENGINE)]:format:(PEM ENGINE)' \ + '-out[output to filename rather than stdout]:file:_files' \ + '-signature[signature to verify]:file:_files' \ + '-sigopt[signature parameter]:nm\:v: ' \ + '-hmac[create hashed MAC with key]:key: ' \ + '-mac[create MAC (not neccessarily HMAC)]:algorithm: ' \ + '-macopt[MAC algorithm parameters or key]:nm\:v: ' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + "($digests)-dss1[use the dss1 message digest algorithm]" \ + "($digests)-md4[to use the md4 message digest algorithm]" \ + "($digests)-md5[to use the md5 message digest algorithm]" \ + "($digests)-mdc2[to use the mdc2 message digest algorithm]" \ + "($digests)-ripemd160[to use the ripemd160 message digest algorithm]" \ + "($digests)-sha[to use the sha message digest algorithm]" \ + "($digests)-sha1[to use the sha1 message digest algorithm]" \ + "($digests)-sha224[to use the sha224 message digest algorithm]" \ + "($digests)-sha256[to use the sha256 message digest algorithm]" \ + "($digests)-sha384[to use the sha384 message digest algorithm]" \ + "($digests)-sha512[to use the sha512 message digest algorithm]" \ + "($digests)-whirlpool[to use the whirlpool message digest algorithm]" \ + '*:file:_files' +} + + +_openssl_dh() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-check[check the DH parameters]' \ + '-text[print a text form of the DH parameters]' \ + '-C[output C code]' \ + '-noout[no output]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_dhparam() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-dsaparam[read or generate DSA parameters, convert to DH]' \ + '-check[check the DH parameters]' \ + '-text[print a text form of the DH parameters]' \ + '-C[output C code]' \ + '-2[generate parameters using 2 as the generator value]' \ + '-5[generate parameters using 5 as the generator value]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-noout[no output]' \ + ':numbits: ' +} + + +_openssl_dsa() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-passin[input file pass phrase source]:file:_files' \ + '-out[output file]:file:_files' \ + '-passout[output file pass phrase source]:file:_files' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-des[encrypt PEM output with cbc des]' \ + '-des3[encrypt PEM output with ede cbc des using 168 bit key]' \ + '-idea[encrypt PEM output with cbc idea]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + '-seed[encrypt PEM output with cbc seed]' \ + '-text[print the key in text]' \ + "-noout[don't print key out]" \ + '-modulus[print the DSA public value]' +} + + +_openssl_dsaparam() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-text[print as text]' \ + '-C[output C code]' \ + '-noout[no output]' \ + '-genkey[generate a DSA key]' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + ':numbits: ' +} + + +_openssl_ec() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-passin[input file pass phrase source]:file:_files' \ + '-out[output file]:file:_files' \ + '-passout[output file pass phrase source]:file:_files' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + "-des[encrypt PEM output, instead of 'des' every other cipher supported by OpenSSL can be used]" \ + '-text[print the key]' \ + "-noout[don't print key out]" \ + '-param_out[print the elliptic curve parameters]' \ + '-conv_form[specifies the point conversion form]:form:(compressed uncompressed hybrid)' \ + '-param_enc[specifies the way the ec parameters are encoded in the asn1 der encoding]:encoding:(named_curve explicit)' +} + + +_openssl_ecparam() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file - default stdin]:file:_files' \ + '-out[output file - default stdout]:file:_files' \ + '-noout[do not print the ec parameter]' \ + '-text[print the ec parameters in text form]' \ + '-check[validate the ec parameters]' \ + "-C[print a 'C' function creating the parameters]" \ + "-name[use the ec parameters with 'short name' name]:name: " \ + "-list_curves[prints a list of all currently available curve 'short names']" \ + '-conv_form[specifies the point conversion form]:form:(compressed uncompressed hybrid)' \ + '-param_enc[specifies the way the ec parameters are encoded in the asn1 der encoding]:encoding:(named_curve explicit)' \ + "-no_seed[if 'explicit' parameters are chosen do not use the seed]" \ + '-genkey[generate ec key]' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_enc() { + # written for openssl 1.0.1k + local ciphers + ciphers=(-aes-128-cbc -aes-128-cbc-hmac-sha1 -aes-128-cfb -aes-128-cfb1 \ + -aes-128-cfb8 -aes-128-ctr -aes-128-ecb -aes-128-gcm -aes-128-ofb \ + -aes-128-xts -aes-192-cbc -aes-192-cfb -aes-192-cfb1 -aes-192-cfb8 \ + -aes-192-ctr -aes-192-ecb -aes-192-gcm -aes-192-ofb -aes-256-cbc \ + -aes-256-cbc-hmac-sha1 -aes-256-cfb -aes-256-cfb1 -aes-256-cfb8 \ + -aes-256-ctr -aes-256-ecb -aes-256-gcm -aes-256-ofb -aes-256-xts \ + -aes128 -aes192 -aes256 -bf -bf-cbc -bf-cfb -bf-ecb -bf-ofb \ + -blowfish -camellia-128-cbc -camellia-128-cfb -camellia-128-cfb1 \ + -camellia-128-cfb8 -camellia-128-ecb -camellia-128-ofb \ + -camellia-192-cbc -camellia-192-cfb -camellia-192-cfb1 \ + -camellia-192-cfb8 -camellia-192-ecb -camellia-192-ofb \ + -camellia-256-cbc -camellia-256-cfb -camellia-256-cfb1 \ + -camellia-256-cfb8 -camellia-256-ecb -camellia-256-ofb \ + -camellia128 -camellia192 -camellia256 -cast -cast-cbc -cast5-cbc \ + -cast5-cfb -cast5-ecb -cast5-ofb -des -des-cbc -des-cfb -des-cfb1 \ + -des-cfb8 -des-ecb -des-ede -des-ede-cbc -des-ede-cfb -des-ede-ofb \ + -des-ede3 -des-ede3-cbc -des-ede3-cfb -des-ede3-cfb1 \ + -des-ede3-cfb8 -des-ede3-ofb -des-ofb -des3 -desx -desx-cbc \ + -id-aes128-GCM -id-aes192-GCM -id-aes256-GCM -idea -idea-cbc \ + -idea-cfb -idea-ecb -idea-ofb -rc2 -rc2-40-cbc -rc2-64-cbc \ + -rc2-cbc -rc2-cfb -rc2-ecb -rc2-ofb -rc4 -rc4-40 -rc4-hmac-md5 \ + -rc5 -rc5-cbc -rc5-cfb -rc5-ecb -rc5-ofb -seed -seed-cbc -seed-cfb \ + -seed-ecb -seed-ofb) + _arguments -C \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-pass[pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-e[encrypt]' \ + '-d[decrypt]' \ + '(-a -base64)'{-a,-base64}'[base64 encode/decode, depending on encryption flag]' \ + '-k[the password to derive the key from]:password: ' \ + '-kfile[read the password to derive the key from the first line of the file]:file:_files' \ + '-md[the md to use to create a key from a passphrase]:alg:(md2 md5 sha sha1)' \ + '-S[the actual salt to use]:salt: ' \ + '-K[the actual key to use]:key: ' \ + '-iv[the actual IV to use]:IV: ' \ + '-p[print out the key and IV used]' \ + '-P[print out the key and IV used the exit]' \ + '-bufsize[set the buffer size for I/O]:size: ' \ + '-nopad[disable standard block padding]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + "(${ciphers})-aes-128-cbc[cipher types]" \ + "(${ciphers})-aes-128-cbc-hmac-sha1[cipher types]" \ + "(${ciphers})-aes-128-cfb[cipher types]" \ + "(${ciphers})-aes-128-cfb1[cipher types]" \ + "(${ciphers})-aes-128-cfb8[cipher types]" \ + "(${ciphers})-aes-128-ctr[cipher types]" \ + "(${ciphers})-aes-128-ecb[cipher types]" \ + "(${ciphers})-aes-128-gcm[cipher types]" \ + "(${ciphers})-aes-128-ofb[cipher types]" \ + "(${ciphers})-aes-128-xts[cipher types]" \ + "(${ciphers})-aes-192-cbc[cipher types]" \ + "(${ciphers})-aes-192-cfb[cipher types]" \ + "(${ciphers})-aes-192-cfb1[cipher types]" \ + "(${ciphers})-aes-192-cfb8[cipher types]" \ + "(${ciphers})-aes-192-ctr[cipher types]" \ + "(${ciphers})-aes-192-ecb[cipher types]" \ + "(${ciphers})-aes-192-gcm[cipher types]" \ + "(${ciphers})-aes-192-ofb[cipher types]" \ + "(${ciphers})-aes-256-cbc[cipher types]" \ + "(${ciphers})-aes-256-cbc-hmac-sha1[cipher types]" \ + "(${ciphers})-aes-256-cfb[cipher types]" \ + "(${ciphers})-aes-256-cfb1[cipher types]" \ + "(${ciphers})-aes-256-cfb8[cipher types]" \ + "(${ciphers})-aes-256-ctr[cipher types]" \ + "(${ciphers})-aes-256-ecb[cipher types]" \ + "(${ciphers})-aes-256-gcm[cipher types]" \ + "(${ciphers})-aes-256-ofb[cipher types]" \ + "(${ciphers})-aes-256-xts[cipher types]" \ + "(${ciphers})-aes128[cipher types]" \ + "(${ciphers})-aes192[cipher types]" \ + "(${ciphers})-aes256[cipher types]" \ + "(${ciphers})-bf[cipher types]" \ + "(${ciphers})-bf-cbc[cipher types]" \ + "(${ciphers})-bf-cfb[cipher types]" \ + "(${ciphers})-bf-ecb[cipher types]" \ + "(${ciphers})-bf-ofb[cipher types]" \ + "(${ciphers})-blowfish[cipher types]" \ + "(${ciphers})-camellia-128-cbc[cipher types]" \ + "(${ciphers})-camellia-128-cfb[cipher types]" \ + "(${ciphers})-camellia-128-cfb1[cipher types]" \ + "(${ciphers})-camellia-128-cfb8[cipher types]" \ + "(${ciphers})-camellia-128-ecb[cipher types]" \ + "(${ciphers})-camellia-128-ofb[cipher types]" \ + "(${ciphers})-camellia-192-cbc[cipher types]" \ + "(${ciphers})-camellia-192-cfb[cipher types]" \ + "(${ciphers})-camellia-192-cfb1[cipher types]" \ + "(${ciphers})-camellia-192-cfb8[cipher types]" \ + "(${ciphers})-camellia-192-ecb[cipher types]" \ + "(${ciphers})-camellia-192-ofb[cipher types]" \ + "(${ciphers})-camellia-256-cbc[cipher types]" \ + "(${ciphers})-camellia-256-cfb[cipher types]" \ + "(${ciphers})-camellia-256-cfb1[cipher types]" \ + "(${ciphers})-camellia-256-cfb8[cipher types]" \ + "(${ciphers})-camellia-256-ecb[cipher types]" \ + "(${ciphers})-camellia-256-ofb[cipher types]" \ + "(${ciphers})-camellia128[cipher types]" \ + "(${ciphers})-camellia192[cipher types]" \ + "(${ciphers})-camellia256[cipher types]" \ + "(${ciphers})-cast[cipher types]" \ + "(${ciphers})-cast-cbc[cipher types]" \ + "(${ciphers})-cast5-cbc[cipher types]" \ + "(${ciphers})-cast5-cfb[cipher types]" \ + "(${ciphers})-cast5-ecb[cipher types]" \ + "(${ciphers})-cast5-ofb[cipher types]" \ + "(${ciphers})-des[cipher types]" \ + "(${ciphers})-des-cbc[cipher types]" \ + "(${ciphers})-des-cfb[cipher types]" \ + "(${ciphers})-des-cfb1[cipher types]" \ + "(${ciphers})-des-cfb8[cipher types]" \ + "(${ciphers})-des-ecb[cipher types]" \ + "(${ciphers})-des-ede[cipher types]" \ + "(${ciphers})-des-ede-cbc[cipher types]" \ + "(${ciphers})-des-ede-cfb[cipher types]" \ + "(${ciphers})-des-ede-ofb[cipher types]" \ + "(${ciphers})-des-ede3[cipher types]" \ + "(${ciphers})-des-ede3-cbc[cipher types]" \ + "(${ciphers})-des-ede3-cfb[cipher types]" \ + "(${ciphers})-des-ede3-cfb1[cipher types]" \ + "(${ciphers})-des-ede3-cfb8[cipher types]" \ + "(${ciphers})-des-ede3-ofb[cipher types]" \ + "(${ciphers})-des-ofb[cipher types]" \ + "(${ciphers})-des3[cipher types]" \ + "(${ciphers})-desx[cipher types]" \ + "(${ciphers})-desx-cbc[cipher types]" \ + "(${ciphers})-id-aes128-GCM[cipher types]" \ + "(${ciphers})-id-aes192-GCM[cipher types]" \ + "(${ciphers})-id-aes256-GCM[cipher types]" \ + "(${ciphers})-idea[cipher types]" \ + "(${ciphers})-idea-cbc[cipher types]" \ + "(${ciphers})-idea-cfb[cipher types]" \ + "(${ciphers})-idea-ecb[cipher types]" \ + "(${ciphers})-idea-ofb[cipher types]" \ + "(${ciphers})-rc2[cipher types]" \ + "(${ciphers})-rc2-40-cbc[cipher types]" \ + "(${ciphers})-rc2-64-cbc[cipher types]" \ + "(${ciphers})-rc2-cbc[cipher types]" \ + "(${ciphers})-rc2-cfb[cipher types]" \ + "(${ciphers})-rc2-ecb[cipher types]" \ + "(${ciphers})-rc2-ofb[cipher types]" \ + "(${ciphers})-rc4[cipher types]" \ + "(${ciphers})-rc4-40[cipher types]" \ + "(${ciphers})-rc4-hmac-md5[cipher types]" \ + "(${ciphers})-rc5[cipher types]" \ + "(${ciphers})-rc5-cbc[cipher types]" \ + "(${ciphers})-rc5-cfb[cipher types]" \ + "(${ciphers})-rc5-ecb[cipher types]" \ + "(${ciphers})-rc5-ofb[cipher types]" \ + "(${ciphers})-seed[cipher types]" \ + "(${ciphers})-seed-cbc[cipher types]" \ + "(${ciphers})-seed-cfb[cipher types]" \ + "(${ciphers})-seed-ecb[cipher types]" \ + "(${ciphers})-seed-ofb[cipher types]" +} + + +_openssl_engine() { + # written for openssl 1.0.1k + _arguments -C \ + '(-vv -vvv -vvvv)-v[verbose mode, for each engine, list its "control commands"]' \ + "(-v -vvv -vvvv)-vv[like -v, but additionally display each command's description]" \ + '(-v -vv -vvvv)-vvv[like -vv, but also add the input flags for each command]' \ + '(-v -vv -vvv)-vvvv[like -vvv, but also show internal input flags]' \ + '-c[for each engine, also list the capabilities]' \ + '(-tt)-t[for each engine, check that they are really available]' \ + '(-t)-tt[display error trace for unavailable engines]' \ + "-pre[runs command 'cmd' against the ENGINE before any attempts to load it (if -t is used)]:cmd: " \ + "-post[runs command 'cmd' against the ENGINE after loading it (only used if -t is also provided)]:cmd: " \ + '*:engine:_engines' + # TODO: can cmd (for -pre and -post) be completed? +} + + +_openssl_errstr() { + # written for openssl 1.0.1k + # written for openssl 1.0.2a + _arguments -C \ + '-stats' \ + ':errno: ' +} + + +_openssl_gendh() { + # written for openssl 1.0.1k + _arguments -C \ + "-out[output the key to 'file']:file:_files" \ + '-2[use 2 as the generator value]' \ + '-5[use 5 as the generator value]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + ':numbits: ' +} + + +_openssl_gendsa() { + # written for openssl 1.0.1k + _arguments -C \ + "-out[output the key to 'file']:file:_files" \ + '-des[encrypt the generated key with DES in cbc mode]' \ + '-des3[encrypt the generated key with DES in ede cbc mode (168 bit key)]' \ + '-idea[encrypt the generated key with IDEA in cbc mode]' \ + '-seed[encrypt PEM output with cbc seed]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + ':dsaparam-file:_files' +} + + +_openssl_genpkey() { + # written for openssl 1.0.1k + local ciphers cipher_opts + ciphers=( ${$(openssl list-cipher-algorithms | cut -d' ' -f1)} ) + cipher_opts=() + for alg in ${ciphers}; do + cipher_opts=(${cipher_opts} "(${${(l:32:: ::-:)ciphers[@]}// / })-${alg}[use this cipher to encrypt the key]") + done + _arguments -C \ + '-out[output file]:file:_files' \ + '-outform[output format]:format:(PEM DER)' \ + '-pass[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + $cipher_opts \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '(-algorithm)-paramfile[parameters file]:file:_files' \ + '(-paramfile)-algorithm[the public key algorithm]:algorithm:(EC RSA DSA DH)' \ + '-pkeyopt[public key options]:option\:value: ' \ + '-genparam[generate parameters, not key]' \ + '-text[print the in text]' + # NB: options order may be important! See the manual page. + # TODO: complete pkeyopts + # However: "The precise set of options supported depends on the public key + # algorithm used and its implementation." +} + + +_openssl_genrsa() { + # written for openssl 1.0.1k + _arguments -C \ + '-des[encrypt the generated key with DES in cbc mode]' \ + '-des3[encrypt the generated key with DES in ede cbc mode (168 bit key)]' \ + '-idea[encrypt the generated key with IDEA in cbc mode]' \ + '-seed[encrypt PEM output with cbc seed]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + '-out[output the key to file]:file:_files' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-f4[use F4 (0x10001) for the E value]' \ + '-3[use 3 for the E value]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + ':numbits: ' +} + + +_openssl_nseq() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-toseq[output NS Sequence file]' +} + + +_openssl_ocsp() { + # written for openssl 1.0.1k + _arguments -C \ + '-out[output filename]:file:_files' \ + '-issuer[issuer certificate]:file:_files' \ + '-cert[certificate to check]:file:_files' \ + '-serial[serial number to check]:serial: ' \ + '-signer[certificate to sign OCSP request with]:file:_files' \ + '-signkey[private key to sign OCSP request with]:file:_files' \ + '-sign_other[additional certificates to include in signed request]:file:_files' \ + "-no_certs[don't include any certificates in signed request]" \ + '-req_text[print text form of request]' \ + '-resp_text[print text form of response]' \ + '-text[print text form of request and response]' \ + '-reqout[write DER encoded OCSP request to "file"]:file:_files' \ + '-respout[write DER encoded OCSP reponse to "file"]:file:_files' \ + '-reqin[read DER encoded OCSP request from "file"]:file:_files' \ + '-respin[read DER encoded OCSP reponse from "file"]:file:_files' \ + '-nonce[add OCSP nonce to request]' \ + "-no_nonce[don't add OCSP nonce to request]" \ + '-url[OCSP responder URL]:URL: ' \ + '-host[send OCSP request to given host on given port]:host\:port: ' \ + '-path[path to use in OCSP request]' \ + '-CApath[trusted certificates directory]:directory:_files -/' \ + '-CAfile[trusted certificates file]:file:_files' \ + '-VAfile[validator certificates file]:file:_files' \ + '-validity_period[maximum validity discrepancy in seconds]:seconds: ' \ + '-status_age[maximum status age in seconds]:seconds: ' \ + "-noverify[don't verify response at all]" \ + '-verify_other[additional certificates to search for signer]:file:_files' \ + "-trust_other[don't verify additional certificates]" \ + "-no_intern[don't search certificates contained in response for signer]" \ + "-no_signature_verify[don't check signature on response]" \ + "-no_cert_verify[don't check signing certificate]" \ + "-no_chain[don't chain verify response]" \ + "-no_cert_checks[don't do additional checks on signing certificate]" \ + '-port[port to run responder on]:port: ' \ + '-index[certificate status index file]:file:_files' \ + '-CA[CA certificate]:file:_files' \ + '-rsigner[responder certificate to sign responses with]:file:_files' \ + '-rkey[responder key to sign responses with]:file:_files' \ + '-rother[other certificates to include in response]:file:_files' \ + "-resp_no_certs[don't include any certificates in response]" \ + '-nmin[number of minutes before next update]:minutes: ' \ + '-ndays[number of days before next update]:days: ' \ + '-resp_key_id[identify reponse by signing certificate key ID]' \ + '-nrequest[number of requests to accept (default unlimited)]:limit: ' \ + '-dss1[use specified digest in the request]' \ + '-md4[use specified digest in the request]' \ + '-md5[use specified digest in the request]' \ + '-mdc2[use specified digest in the request]' \ + '-ripemd160[use specified digest in the request]' \ + '-ripemd[use specified digest in the request]' \ + '-rmd160[use specified digest in the request]' \ + '-sha1[use specified digest in the request]' \ + '-sha224[use specified digest in the request]' \ + '-sha256[use specified digest in the request]' \ + '-sha384[use specified digest in the request]' \ + '-sha512[use specified digest in the request]' \ + '-sha[use specified digest in the request]' \ + '-ssl2-md5[use specified digest in the request]' \ + '-ssl3-md5[use specified digest in the request]' \ + '-ssl3-sha1[use specified digest in the request]' \ + '-whirlpool[use specified digest in the request]' \ + '-timeout[timeout connection to OCSP responder after n seconds]:seconds: ' +} + + +_openssl_passwd() { + # written for openssl 1.0.1k + _arguments -C \ + '-crypt[standard Unix password algorithm (default)]' \ + '-1[MD5-based password algorithm]' \ + '-apr1[MD5-based password algorithm, Apache variant]' \ + '-salt[use provided salt]:salt: ' \ + '-in[read passwords from file]:file:_files' \ + '-stdin[read passwords from stdin]' \ + '-noverify[never verify when reading password from terminal]' \ + '-quiet[no warnings]' \ + '-table[format output as table]' \ + '-reverse[switch table columns]' \ + '*:password:' +} + + +_openssl_pkcs12() { + # written for openssl 1.0.2d + local algorithms + algorithms=(aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc \ + aes-256-ecb bf-cbc bf-cfb bf-ecb bf-ofb camellia-128-cbc \ + camellia-128-ecb camellia-192-cbc camellia-192-ecb \ + camellia-256-cbc camellia-256-ecb cast-cbc cast5-cbc cast5-cfb \ + cast5-ecb cast5-ofb des-cbc des-cfb des-ecb des-ede des-ede-cbc \ + des-ede-cfb des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb \ + des-ede3-ofb des-ofb idea-cbc idea-cfb idea-ecb idea-ofb \ + rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc4 \ + rc4-40 rc5-cbc rc5-cfb rc5-ecb rc5-ofb seed-cbc seed-cfb \ + seed-ecb seed-ofb PBE-MD2-DES PBE-MD5-DES PBE-SHA1-RC2-64 \ + PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES PBE-SHA1-RC4-128 \ + PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 \ + PBE-SHA1-RC2-40) + _arguments -C \ + '-export[output PKCS12 file]' \ + '-chain[add certificate chain]' \ + '-inkey[private key if not infile]:file:_files' \ + '-certfile[add all certs in the specified file]:file:_files' \ + "-CApath[PEM format directory of CA's]:file:_files" \ + "-CAfile[PEM format file of CA's]:file:_files" \ + '-name[use specified friendly name]:name: ' \ + '*-caname[use specified CA friendly name]:name: ' \ + '-in[input filename]:file:_files' \ + '-out[output filename]:file:_files' \ + "-noout[don't output anything, just verify]" \ + "-nomacver[don't verify MAC]" \ + "-nocerts[don't output certificates]" \ + '-clcerts[only output client certificates]' \ + '-cacerts[only output CA certificates]' \ + "-nokeys[don't output private keys]" \ + '-info[give info about PKCS#12 structure]' \ + '-des[encrypt private keys with DES]' \ + '-des3[encrypt private keys with triple DES (default)]' \ + '-idea[encrypt private keys with idea]' \ + '-seed[encrypt private keys with seed]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + "-nodes[don't encrypt private keys]" \ + "-noiter[don't use encryption iteration]" \ + "-nomaciter[don't use MAC iteration]" \ + '-maciter[use MAC iteration]' \ + "-nomac[don't generate MAC]" \ + '-twopass[separate MAC, encryption passwords]' \ + '-descert[encrypt PKCS#12 certificates with triple DES (default RC2-40)]' \ + "-certpbe[specify certificate PBE algorithm (default RC2-40)]:alg:(${algorithms})" \ + '-keypbe[specify private key PBE algorithm (default 3DES)]:alg:(${algorithms})' \ + '-macalg[digest algorithm used in MAC (default SHA1)]:alg:_list_message_digest_algorithms' \ + '-keyex[set MS key exchange type]' \ + '-keysig[set MS key signature type]' \ + '-password[set import/export password source]:pass phrase source:_pass_phrase_source' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-CSP[Microsoft CSP name]:name: ' \ + '-LMK[add local machine keyset attribute to private key]' +} + + +_openssl_pkcs7() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-print_certs[print any certs or crl in the input]' \ + '-text[print full details of certificates]' \ + "-noout[don't output encoded data]" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_pkcs8() { + # written for openssl 1.0.2d + _arguments -C \ + '-in[input file]:file:_files' \ + '-inform[input format]:format:(PEM DER)' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-outform[output format]:format:(PEM DER)' \ + '-out[output file]:file:_files' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-topk8[output PKCS8 file]' \ + '-nooct[use (nonstandard) no octet format]' \ + '-embed[use (nonstandard) embedded DSA parameters format]' \ + '-nsdb[use (nonstandard) DSA Netscape DB format]' \ + '-noiter[use 1 as iteration count]' \ + '-nocrypt[use or expect unencrypted private key]' \ + '-v2[use PKCS#5 v2.0 and given cipher]:alg:(aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb bf bf-cbc bf-cfb bf-ecb bf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb camellia-256-cbc camellia-256-ecb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb des3 desx idea idea-cbc idea-cfb idea-ecb idea-ofb rc2 rc2-40-cbc rc2-64-cbc rc2-cbc rc2-cfb rc2-ecb rc2-ofb rc4 rc4-40 rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb seed seed-cbc seed-cfb seed-ecb seed-ofb)' \ + '-v2prf[set the PRF algorithm to use with PKCS#5 v2.0]:alg:(hmacWithMD5 hmacWithRMD160 hmacWithSHA1 hmacWithSHA224 hmacWithSHA256 hmacWithSHA384 hmacWithSHA512)' \ + '-v1[use PKCS#5 v1.5 and given cipher]:obj:(PBE-MD2-DES PBE-MD5-DES PBE-SHA1-RC2-64 PBE-MD2-RC2-64 PBE-MD5-RC2-64 PBE-SHA1-DES PBE-SHA1-RC4-128 PBE-SHA1-RC4-40 PBE-SHA1-3DES PBE-SHA1-2DES PBE-SHA1-RC2-128 PBE-SHA1-RC2-40)' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_pkey() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[input file]:file:_files' \ + '-inform[input format]:format:(PEM DER)' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-outform[output format]:format:(PEM DER)' \ + '-out[output file]:file:_files' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_pkeyparam() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[the input filename to read parameters from]:file:_files' \ + '-out[the output filename to write parameters]:file:_files' \ + '-text[prints out the parameters in plain text in addition to the encoded version]' \ + '-noout[do not output the encoded version of the parameters]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_pkeyutl() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-sigfile[signature file (verify operation only)]:file:_files' \ + '-inkey[input key]:file:_files' \ + '-keyform[private key format]:format:(PEM DER)' \ + '-pubin[input is a public key]' \ + '-certin[input is a certificate carrying a public key]' \ + '-pkeyopt[public key options]:option\:value:_pkeyopts' \ + '-sign[sign with private key]' \ + '-verify[verify with public key]' \ + '-verifyrecover[verify with public key, recover original data]' \ + '-encrypt[encrypt with public key]' \ + '-decrypt[decrypt with private key]' \ + '-derive[derive shared secret]' \ + '-hexdump[hex dump output]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-passin[pass phrase source]:pass phrase source:_pass_phrase_source' +} + + +_openssl_prime() { + # written for openssl 1.0.1k + _arguments -C \ + '-hex[hex]' \ + '-checks[number of checks]:checks: ' \ + ':number:' +} + + +_openssl_rand() { + # written for openssl 1.0.1k + _arguments -C \ + '-out[write to file]:file:_files' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-base64[base64 encode output]' \ + '-hex[hex encode output]' \ + ':num:' +} + + +_openssl_req() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-text[text form of request]' \ + '-pubkey[output public key]' \ + '-noout[do not output REQ]' \ + '-verify[verify signature on REQ]' \ + '-modulus[RSA modulus]' \ + "-nodes[don't encrypt the output key]" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + "-subject[output the request's subject]" \ + '-passin[private key pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-key[use the private key contained in the specified file]:file:_files' \ + '-keyform[key file format]:format:(PEM DER)' \ + '-keyout[file to send the key to]:file:_files' \ + '-rand[files to use for random number input]:file:_rand_files' \ + "-newkey rsa\:-[generate a new RSA key of the specified number of bits in size]:bits: " \ + "-newkey dsa\:[generate a new DSA key, parameters taken from CA in the specified file]:file:_files" \ + "-newkey ec\:[generate a new EC key, parameters taken from CA in the specified file]:file:_files" \ + '-md2[digest to sign with]' \ + '-md4[digest to sign with]' \ + '-md5[digest to sign with]' \ + '-mdc2[digest to sign with]' \ + '-sha1[digest to sign with]' \ + '-config[request template file]:file:_files' \ + '-subj[set or modify request subject]:subject: ' \ + '-multivalue-rdn[enable support for multivalued RDNs]' \ + '-new[new request]' \ + '-batch[do not ask anything during request generation]' \ + '-x509[output a x509 structure instead of a certificate request]' \ + '-days[number of days a certificate generated by -x509 is valid for]:days: ' \ + '-set_serial[serial number to use for a certificate generated by -x509]:serial: ' \ + '-newhdr[output "NEW" in the header lines]' \ + "-asn1-kludge[output the 'request' in a format that is wrong but some CA's have been reported as requiring]" \ + '-extensions[specify certificate extension section (override value in config file)]:section: ' \ + '-reqexts[specify request extension section (override value in config file)]:section: ' \ + '-utf8[input characters are UTF8 (default ASCII)]' \ + '*-nameopt[various certificate name options]:options:_nameopts' \ + '*-reqopt[- various request text options]:options:_certopts' + # TODO: complete -extensions and -reqexts +} + + +_openssl_rsa() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER NET)' \ + '-outform[output format]:format:(PEM DER NET)' \ + '-in[input file]:file:_files' \ + '-sgckey[use IIS SGC key format]' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-out[output file]:file:_files' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-des[encrypt PEM output with cbc des]' \ + '-des3[encrypt PEM output with ede cbc des using 168 bit key]' \ + '-idea[encrypt PEM output with cbc idea]' \ + '-seed[encrypt PEM output with cbc seed]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + '-text[print the key in text]' \ + "-noout[don't print key out]" \ + '-modulus[print the RSA key modulus]' \ + '-check[verify key consistency]' \ + '-pubin[expect a public key in input file]' \ + '-pubout[output a public key]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_rsautl() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-inkey[input key]:file:_files' \ + '-keyform[private key format]:format:(PEM DER)' \ + '-pubin[input is an RSA public]' \ + '-certin[input is a certificate carrying an RSA public key]' \ + '-ssl[use SSL v2 padding]' \ + '-raw[use no padding]' \ + '-pkcs[use PKCS#1 v1.5 padding (default)]' \ + '-oaep[use PKCS#1 OAEP]' \ + '-sign[sign with private key]' \ + '-verify[verify with public key]' \ + '-encrypt[encrypt with public key]' \ + '-decrypt[decrypt with private key]' \ + '-hexdump[hex dump output]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-passin[pass phrase source]:pass phrase source:_pass_phrase_source' +} + + +_openssl_s_client() { + # written for openssl 1.0.1k + _arguments -C \ + '(-6)-4[use IPv4 only]' \ + '(-4)-6[use IPv6 only]' \ + '(-connect)-host[use -connect instead]:host: ' \ + '(-connect)-port[use -connect instead]:port: ' \ + '(-host -port)-connect[who to connect to (default is localhost:4433)]:host\:port: ' \ + '-verify[turn on peer certificate verification]:depth: ' \ + '-verify_return_error[return verification errors]' \ + '-cert[certificate file to use, PEM format assumed]:file:_files' \ + '-certform[certificate format (PEM or DER) PEM default]:format:(PEM DER)' \ + '-key[private key file to use, in cert file if not specified but cert file is]:file:_files' \ + '-keyform[key format (PEM or DER) PEM default]:format:(PEM DER)' \ + '-pass[private key file pass phrase source]:pass phrase source:_pass_phrase_source' \ + "-CApath[PEM format directory of CA's]:directory:_files -/" \ + "-CAfile[PEM format file of CA's]:file:_files" \ + '-reconnect[drop and re-make the connection with the same Session-ID]' \ + '-pause[sleep(1) after each read(2) and write(2) system call]' \ + '-prexit[print session information even on connection failure]' \ + '-showcerts[show all certificates in the chain]' \ + '-debug[extra output]' \ + '-msg[show protocol messages]' \ + '-nbio_test[more ssl protocol testing]' \ + "-state[print the 'ssl' states]" \ + '-nbio[run with non-blocking IO]' \ + '-crlf[convert LF from terminal into CRLF]' \ + '-quiet[no s_client output]' \ + '(-no_ign_eof)-ign_eof[ignore input eof (default when -quiet)]' \ + "(-ign_eof)-no_ign_eof[don't ignore input eof]" \ + '-psk_identity[PSK identity]:identity: ' \ + '-psk[PSK in hex (without 0x)]:key: ' \ + "-srpuser[SRP authentification for 'user']:user: " \ + "-srppass[password for 'user']:password: " \ + '-srp_lateuser[SRP username into second ClientHello message]' \ + '-srp_moregroups[tolerate other than the known g N values]' \ + '-srp_strength[minimal length in bits for N (default 1024)]:int: ' \ + '(-no_ssl2 -ssl3 -tls1 -tls1_1 -tls1_2 -dtls1)-ssl2[just use SSLv2]' \ + '(-no_ssl3 -ssl2 -tls1 -tls1_1 -tls1_2 -dtls1)-ssl3[just use SSLv3]' \ + '(-no_tls1_2 -ssl2 -ssl3 -tls1 -tls1_1 -dtls1)-tls1_2[just use TLSv1.2]' \ + '(-no_tls1_1 -ssl2 -ssl3 -tls1 -tls1_1 -dtls1)-tls1_1[just use TLSv1.1]' \ + '(-no_tls1 -ssl2 -ssl3 -tls1 -tls1_1 -dtls1)-tls1[just use TLSv1.0]' \ + '(-no_dtls1 -ssl2 -ssl3 -tls1 -tls1_1 -tls1_2)-dtls1[just use DTLSv1]' \ + '-fallback_scsv[send TLS_FALLBACK_SCSV]' \ + '-mtu[set the link layer MTU]' \ + '(-tls1_2)-no_tls1_2[turn off TLSv1.2]' \ + '(-tls1_1)-no_tls1_1[turn off TLSv1.1]' \ + '(-tls1)-no_tls1[turn off TLSv1.0]' \ + '(-ssl3)-no_ssl3[turn off SSLv3]' \ + '(-ssl2)-no_ssl2[turn off SSLv2]' \ + '-bugs[switch on all SSL implementation bug workarounds]' \ + "-serverpref[use server's cipher preferences (only SSLv2)]" \ + '-cipher[preferred cipher to use]:cipher suite:_list_ciphers' \ + "-starttls[use the STARTTLS command before starting TLS for those protocols that support it]:protocol:(smtp pop3 imap ftp xmpp)" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-sess_out[file to write SSL session to]:file:_files' \ + '-sess_in[file to read SSL session from]:file:_files' \ + '-servername[set TLS extension servername in ClientHello]:host: ' \ + '-tlsextdebug[hex dump of all TLS extensions received]' \ + '-status[request certificate status from server]' \ + '-no_ticket[disable use of RFC4507bis session tickets]' \ + '-nextprotoneg[enable NPN extension, considering named protocols supported (comma-separated list)]:protocols: ' \ + '-legacy_renegotiation[enable use of legacy renegotiation (dangerous)]' \ + '-use_srtp[offer SRTP key management with a colon-separated profile list]:profiles: ' \ + '-keymatexport[export keying material using label]:label: ' \ + '-keymatexportlen[export len bytes of keying material (default 20)]:len: ' +} + + +_openssl_s_server() { + # written for openssl 1.0.1k + _arguments -C \ + '-accept[port to accept on (default is 4433)]:port: ' \ + '-context[set session ID context]:id: ' \ + '-verify[turn on peer certificate verification]:depth: ' \ + '-Verify[turn on peer certificate verification, must have a cert]:depth: ' \ + '-verify_return_error[return verification errors]' \ + '-cert[certificate file to use (default is server.pem)]:file:_files' \ + '-crl_check[check the peer certificate has not been revoked by its CA]' \ + '-crl_check_all[check the peer certificate has not been revoked by its CA or any other CRL in the CA chain]' \ + '-certform[certificate format]:format:(PEM DER)' \ + '-key[Private Key file to use, in cert file if not specified (default is server.pem)]:file:_files' \ + '-keyform[key format]:format:(PEM DER ENGINE)' \ + '-pass[private key file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-dcert[second certificate file to use (usually for DSA)]:file:_files' \ + '-dcertform[second certificate format]:format:(PEM DER)' \ + '-dkey[second private key file to use (usually for DSA)]:file:_files' \ + '-dkeyform[second key format]:format:(PEM DER ENGINE)' \ + '-dpass[second private key file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-dhparam[DH parameter file to use, in cert file if not specified or a default set of parameters is used]:file:_files' \ + '-named_curve[elliptic curve name to use for ephemeral ECDH keys. (default is nistp256)]:named curve:_list_curves' \ + '-nbio[run with non-blocking IO]' \ + '-nbio_test[test with the non-blocking test bio]' \ + '-crlf[convert LF from terminal into CRLF]' \ + '-debug[print more output]' \ + '-msg[show protocol messages]' \ + '-state[print the SSL states]' \ + "-CApath[PEM format directory of CA's]:file:_files -/" \ + "-CAfile[PEM format file of CA's]:file:_files" \ + "-nocert[don't use any certificates (Anon-DH)]" \ + '-cipher[preferred cipher to use]:cipher suite:_list_ciphers' \ + "-serverpref[use server's cipher preferences]" \ + '-quiet[no server output]' \ + '-no_tmp_rsa[do not generate a tmp RSA key]' \ + '-psk_hint[PSK identity hint to use]:hint: ' \ + '-psk[PSK in hex (without 0x)]:PSK: ' \ + '-srpvfile[the verifier file for SRP]:file:_files' \ + '-srpuserseed[a seed string for a default user salt]:seed: ' \ + '-ssl2[just talk SSLv2]' \ + '-ssl3[just talk SSLv3]' \ + '-tls1_2[just talk TLSv1.2]' \ + '-tls1_1[just talk TLSv1.1]' \ + '-tls1[just talk TLSv1]' \ + '-dtls1[just talk DTLSv1]' \ + '-timeout[enable timeouts]' \ + '-mtu[set link layer MTU]' \ + '-chain[read a certificate chain]' \ + '-no_ssl2[just disable SSLv2]' \ + '-no_ssl3[just disable SSLv3]' \ + '-no_tls1[just disable TLSv1]' \ + '-no_tls1_1[just disable TLSv1.1]' \ + '-no_tls1_2[just disable TLSv1.2]' \ + '-no_dhe[disable ephemeral DH]' \ + '-no_ecdhe[disable ephemeral ECDH]' \ + '-bugs[turn on SSL bug compatibility]' \ + '-hack[workaround for early Netscape code]' \ + "-www[respond to a 'GET /' with a status page]" \ + "-WWW[respond to a 'GET / HTTP/1.0' with file ./]" \ + "-HTTP[respond to a 'GET / HTTP/1.0' with file ./ with the assumption it contains a complete HTTP response]" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-id_prefix[generate SSL/TLS session IDs prefixed by arg]:prefix: ' \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-servername[servername for HostName TLS extension]:hostname: ' \ + '-servername_fatal[on mismatch send fatal alert (default warning alert)]' \ + '-cert2[certificate file to use for servername (default is server2.pem)]:file:_files' \ + '-key2[Private Key file to use for servername, in cert file if not specified (default is server2.pem)]:file:_files' \ + '-tlsextdebug[hex dump of all TLS extensions received]' \ + '-no_ticket[disable use of RFC4507bis session tickets]' \ + '-legacy_renegotiation[enable use of legacy renegotiation (dangerous)]' \ + '-nextprotoneg[set the advertised protocols for the NPN extension (comma-separated list)]:protocol:(http/1.0 http/1.1)' \ + '-use_srtp[offer SRTP key management with a colon-separated profile list]:profiles: ' \ + '-4[use IPv4 only]' \ + '-6[use IPv6 only]' \ + '-keymatexport[export keying material using label]:label: ' \ + '-keymatexportlen[export len bytes of keying material (default 20)]:length: ' \ + '-status[respond to certificate status requests]' \ + '-status_verbose[enable status request verbose printout]' \ + '-status_timeout[status request responder timeout]:seconds: ' \ + '-status_url[status request fallback URL]:URL: ' + # TODO: srtp profiles +} + + +_openssl_s_time() { + # written for openssl 1.0.1k + _arguments -C \ + '-connect[host:port to connect to (default is localhost:4433)]:host\:port: ' \ + '-nbio[run with non-blocking IO]' \ + '-ssl2[just use SSLv2]' \ + '-ssl3[just use SSLv3]' \ + '-bugs[turn on SSL bug compatibility]' \ + '-new[just time new connections]' \ + '-reuse[just time connection reuse]' \ + "-www[retrieve the specified page from the site]:page: " \ + '-time[max number of seconds to collect data, default 30]:seconds: ' \ + '-verify[turn on peer certificate verification]:depth: ' \ + '-cert[certificate file to use, PEM format assumed]:file:_files' \ + '-key[RSA file to use, PEM format assumed, key is in cert file]:file:_files' \ + "-CApath[PEM format directory of CA's]:file:_files -/" \ + "-CAfile[PEM format file of CA's]:file:_files" \ + '-cipher[preferred cipher to use]:cipher suite:_list_ciphers' +} + + +_openssl_sess_id() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format]:format:(PEM DER)' \ + '-outform[output format]:format:(PEM DER)' \ + '-in[input file (default stdin)]:file:_files' \ + '-out[output file (default stdout)]:file:_files' \ + '-text[print ssl session id details]' \ + '-cert[output certificate ]' \ + '-noout[no CRL output]' \ + '-context[set the session ID context]:id: ' +} + + +_openssl_smime() { + # written for openssl 1.0.1k + _arguments -C \ + '-encrypt[encrypt message]' \ + '-decrypt[decrypt encrypted message]' \ + '-sign[sign message]' \ + '-verify[verify signed message]' \ + '-pk7out[output PKCS#7 structure]' \ + '-des3[encrypt with triple DES]' \ + '-des[encrypt with DES]' \ + '-seed[encrypt with SEED]' \ + '-rc2-40[encrypt with RC2-40 (default)]' \ + '-rc2-64[encrypt with RC2-64]' \ + '-rc2-128[encrypt with RC2-128]' \ + '-aes128[encrypt PEM output with cbc aes]' \ + '-aes192[encrypt PEM output with cbc aes]' \ + '-aes256[encrypt PEM output with cbc aes]' \ + '-camellia128[encrypt PEM output with cbc camellia]' \ + '-camellia192[encrypt PEM output with cbc camellia]' \ + '-camellia256[encrypt PEM output with cbc camellia]' \ + "-nointern[don't search certificates in message for signer]" \ + "-nosigs[don't verify message signature]" \ + "-noverify[don't verify signers certificate]" \ + "-nocerts[don't include signers certificate when signing]" \ + '-nodetach[use opaque signing]' \ + "-noattr[don't include any signed attributes]" \ + "-binary[don't translate message to text]" \ + '-certfile[other certificates file]:file:_files' \ + '-signer[signer certificate file]:file:_files' \ + '-recip[recipient certificate file for decryption]:file:_files' \ + '-in[input file]:file:_files' \ + '-inform[input format]:format:(SMIME PEM DER)' \ + '-inkey[input private key (if not signer or recipient)]:file:_files' \ + '-keyform[input private key format]:format:(PEM ENGINE)' \ + '-out[output file]:file:_files' \ + '-outform[output format]:format:(SMIME PEM DER)' \ + '-content[supply or override content for detached signature]:file:_files' \ + '-to[to address]:address: ' \ + '-from[from address]:address: ' \ + '-subject[subject]:subject: ' \ + '-text[include or delete text MIME headers]' \ + '-CApath[trusted certificates directory]:directory:_files -/' \ + '-CAfile[trusted certificates file]:file:_files' \ + "-crl_check[check revocation status of signer's certificate using CRLs]" \ + "-crl_check_all[check revocation status of signer's certificate chain using CRLs]" \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-rand[files to use for random number input]:file:_rand_files' \ + ':certificate:_files' +} + + +_openssl_speed() { + # written for openssl 1.0.1k + local algorithms + algorithms=(mdc2 md4 md5 hmac sha1 sha256 sha512 whirlpoolrmd160 idea-cbc \ + seed-cbc rc2-cbc rc5-cbc bf-cbc des-cbc des-ede3 aes-128-cbc \ + aes-192-cbc aes-256-cbc aes-128-ige aes-192-ige aes-256-ige \ + camellia-128-cbc camellia-192-cbc camellia-256-cbc rc4 rsa512 \ + rsa1024 rsa2048 rsa4096 dsa512 dsa1024 dsa2048 ecdsap160 \ + ecdsap192 ecdsap224 ecdsap256 ecdsap384 ecdsap521 ecdsak163 \ + ecdsak233 ecdsak283 ecdsak409 ecdsak571 ecdsab163 ecdsab233 \ + ecdsab283 ecdsab409 ecdsab571 ecdsa ecdhp160 ecdhp192 ecdhp224 \ + ecdhp256 ecdhp384 ecdhp521 ecdhk163 ecdhk233 ecdhk283 ecdhk409 \ + ecdhk571 ecdhb163 ecdhb233 ecdhb283 ecdhb409 ecdhb571 ecdh idea \ + seed rc2 des aes camellia rsa blowfish) + _arguments -C \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-evp[use the specified EVP]:EVP: ' \ + '-decrypt[time decryption instead of encryption (only EVP)]' \ + '-mr[produce machine readable output]' \ + '-multi[run n benchmarks in parallel]:benchmarks: ' \ + "*:algorithm:(${algorithms})" +} + + +_openssl_spkac() { + # written for openssl 1.0.1k + _arguments -C \ + '-in[input file]:file:_files' \ + '-out[output file]:file:_files' \ + '-key[create SPKAC using private key]:file:_files' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-challenge[challenge string]:string: ' \ + '-spkac[alternative SPKAC name]:spkacname: ' \ + '-spksect[alternative section name]:section: ' \ + "-noout[don't print SPKAC]" \ + '-pubkey[output public key]' \ + '-verify[verify SPKAC signature]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' +} + + +_openssl_srp() { + # written for openssl 1.0.1k + _arguments -C \ + '-verbose[talk alot while doing things]' \ + '-config[a config file]:file:_files' \ + '-name[the particular srp definition to use]:definition: ' \ + '-srpvfile[the srp verifier file name]:file:_files' \ + '(-modify -delete -list)-add[add an user and srp verifier]' \ + '(-add -delete -list)-modify[modify the srp verifier of an existing user]' \ + '(-add -modify -list)-delete[delete user from verifier file]' \ + '(-add -modify -delete)-list[list user]' \ + '-gn[g and N values to be used for new verifier]:g and N: ' \ + '-userinfo[additional info to be set for user]:userinfo: ' \ + '-passin[input file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-passout[output file pass phrase source]:pass phrase source:_pass_phrase_source' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '-rand[files to use for random number input]:file:_rand_files' \ + ':user:' +} + + +_openssl_ts() { + # written for openssl 1.0.1k + # written for openssl 1.0.2e + local action digests + digests=(-dss1 -md4 -md5 -mdc2 -ripemd160 -sha -sha1 -sha224 -sha256 \ + -sha384 -sha512 -whirlpool) + if [[ "${CURRENT}" -eq 2 ]]; then + # first parameter to ts + _values 'openssl time stamp action' '-query[time stamp request generation]' '-reply[time stamp response generation]' '-verify[time stamp response verification]' + else + action="${words[2]}" + case "${action}" in + -query) + _arguments -C \ + '-rand[files to use for random number input]:file:_rand_files' \ + '-config[config file to use]:file:_files' \ + '(-digest)-data[data file for which the time stamp request needs to be created]:file:_files' \ + '(-data)-digest[digest of the data file]:bytes: ' \ + "($digests)-dss1[use the dss1 message digest algorithm]" \ + "($digests)-md4[to use the md4 message digest algorithm]" \ + "($digests)-md5[to use the md5 message digest algorithm]" \ + "($digests)-mdc2[to use the mdc2 message digest algorithm]" \ + "($digests)-ripemd160[to use the ripemd160 message digest algorithm]" \ + "($digests)-sha[to use the sha message digest algorithm]" \ + "($digests)-sha1[to use the sha1 message digest algorithm]" \ + "($digests)-sha224[to use the sha224 message digest algorithm]" \ + "($digests)-sha256[to use the sha256 message digest algorithm]" \ + "($digests)-sha384[to use the sha384 message digest algorithm]" \ + "($digests)-sha512[to use the sha512 message digest algorithm]" \ + "($digests)-whirlpool[to use the whirlpool message digest algorithm]" \ + '-policy[policy to use for creating the time stamp token]:policy ID: ' \ + '-no_nonce[do not include a nonce in the request]' \ + '-cert[request a signing certificate in the response]' \ + '-in[use the previously created time stamp request]:file:_files' \ + '-out[name of the output file to which the request will be written]:file:_files' \ + '-text[output in human-readable format instead of DER]' + ;; + -reply) + _arguments -C \ + '-config[config file to use]:file:_files' \ + '-section[config file section for response generation]:section: ' \ + '-queryfile[file containing a DER encoded time stamp request]:file:_files' \ + '-passin[private key password source]:pass phrase source:_pass_phrase_source' \ + '-signer[signer certificate of the TSA in PEM format]:file:_files' \ + '-inkey[signer private key in PEM format]:file:_files' \ + '-chain[signer certificate chain in PEM format]:file:_files' \ + '-policy[default policy to use for response]:policy ID: ' \ + '-in[use the previously created time stamp response in DER format]:file:_files' \ + '-token_in[the paramter to -in is a time stamp token in DER format]' \ + '-out[name of the output file to which the response will be written]:file:_files' \ + '-token_out[output a time stamp token instead of a time stamp response]' \ + '-text[output in human-readable format instead of DER]' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' + ;; + -verify) + _arguments -C \ + '(-digest -queryfile)-data[verify response against the specified file]:file:_files' \ + '(-data -queryfile)-digest[verify the response against the specified message digest]:digest bytes: ' \ + '(-data -digest)-queryfile[the original time stamp request in DER format]:file:_files' \ + '-in[time stamp response that needs to be verified in DER format]:file:_files' \ + '-token_in[the paramter to -in is a time stamp token in DER format]' \ + '-CApath[directory containing the trused CA certificates of the client]:directory:_files -/' \ + '-CAFile[file containing a set of trusted self-signed CA certificates in PEM format]:file:_files' \ + '-untrusted[set of additional untrusted certificates in PEM format which may be needed when building the certificate chain]:file:_files' + ;; + esac + fi +} + + +_openssl_verify() { + # written for openssl 1.0.1k + _arguments -C \ + '-CApath[a directory of trusted certificates]:directory:_files -/' \ + '-CAfile[file A file of trusted certificates]:file:_files' \ + '-purpose[the intended use for the certificate]:purpose:(sslclient sslserver nssslserver smimesign smimeencrypt crlsign any ocsphelper timestampsign)' \ + '*-policy[enable policy processing and add arg to the user-initial-policy-set]:object name or OID: ' \ + '-ignore_critical[ignore critical extensions]' \ + '-attime[perform validation checks using the given time]:timestamp: ' \ + '-check_ss_sig[verify the signature on the self-signed root CA]' \ + "-crlfile[file containing one or more CRL's (in PEM format) to load]:file:_files" \ + '-crl_check[check end entity certificate in CRL]' \ + '-crl_check_all[check all certificates in CRL]' \ + '-policy_check[enables certificate policy processing]' \ + '-explicit_policy[set policy variable require-explicit-policy]' \ + '-inhibit_any[set policy variable inhibit-any-policy]' \ + '-inhibit_map[set policy variable inhibit-policy-mapping]' \ + '-x509_strict[strict X.509-compliance]' \ + '-extended_crl[enable extended CRL features]' \ + '-use_deltas[enable support for delta CRLs]' \ + '-policy_print[print out diagnostics related to policy processing]' \ + '-untrusted[a file of untrusted certificates]:file:_files' \ + '(-*)-help[print out a usage message]' \ + '-issuer_checks[print out diagnostics relating to searches for the issuer certificate of the current certificate]' \ + '-verbose[print extra information about the operations being performed]' \ + '*:certificate:_files' + # TODO: - may be used to separate certificates from options + # TODO: Do not hardcode purposes +} + + +_openssl_version() { + # written for openssl 1.0.1k + _arguments -C \ + '-a[all information, this is the same as setting all the other flags]' \ + '-v[the current OpenSSL version]' \ + '-b[the date the current version of OpenSSL was built]' \ + '-o[option information: various options set when the library was built]' \ + '-f[compilation flags]' \ + '-p[platform setting]' \ + '-d[OPENSSLDIR setting]' +} + + +_openssl_x509() { + # written for openssl 1.0.1k + _arguments -C \ + '-inform[input format - default PEM (one of DER, NET or PEM)]:format:(DER NET PEM)' \ + '-outform[output format - default PEM (one of DER, NET or PEM)]:arg:(DER NET PEM)' \ + '-keyform[private key format - default PEM]:arg:(DER PEM)' \ + '-CAform[CA format - default PEM]:arg:(DER PEM)' \ + '-CAkeyform[CA key format - default PEM]:arg:(DER PEM)' \ + '-in[input file - default stdin]:file:_files' \ + '-out[output file - default stdout]:file:_files' \ + '-passin[private key password source]:pass phrase source:_pass_phrase_source' \ + '-serial[print serial number value]' \ + '-subject_hash[print subject hash value]' \ + '-subject_hash_old[print old-style (MD5) subject hash value]' \ + '-issuer_hash[print issuer hash value]' \ + '-issuer_hash_old[print old-style (MD5) issuer hash value]' \ + '-hash[synonym for -subject_hash]' \ + '-subject[print subject DN]' \ + '-issuer[print issuer DN]' \ + '-email[print email address(es)]' \ + '-startdate[notBefore field]' \ + '-enddate[notAfter field]' \ + '-purpose[print out certificate purposes]' \ + '-dates[both Before and After dates]' \ + '-modulus[print the RSA key modulus]' \ + '-pubkey[output the public key]' \ + '-fingerprint[print the certificate fingerprint]' \ + '-alias[output certificate alias]' \ + '-noout[no certificate output]' \ + '-ocspid[print OCSP hash values for the subject name and public key]' \ + '-ocsp_uri[print OCSP Responder URL(s)]' \ + '-trustout[output a "trusted" certificate]' \ + '-clrtrust[clear all trusted purposes]' \ + '-clrreject[clear all rejected purposes]' \ + '-addtrust[trust certificate for a given purpose]:purpose:(clientAuth serverAuth emailProtection)' \ + '-addreject[reject certificate for a given purpose]:purpose:(clientAuth serverAuth emailProtection)' \ + '-setalias[set certificate alias]:alias: ' \ + '-days[how long till expiry of a signed certificate (default 30 days)]:days: ' \ + '-checkend[check whether the cert expires in the specified time]:seconds: ' \ + '-signkey[self sign cert with arg]:file:_files' \ + '-x509toreq[output a certification request object]' \ + '-req[input is a certificate request, sign and output]' \ + '-CA[set the CA certificate, must be PEM format]:file:_files' \ + '-CAkey[set the CA key, must be PEM format]:file:_files' \ + '-CAcreateserial[create serial number file if it does not exist]' \ + '-CAserial[serial file]:file:_files' \ + '-set_serial[serial number to use]' \ + '-text[print the certificate in text form]' \ + '-C[print out C code forms]' \ + '(-md5 -sha1 -mdc2)-md2[digest to use]' \ + '(-md2 -sha1 -mdc2)-md5[digest to use]' \ + '(-md2 -md5 -mdc2)-sha1[digest to use]' \ + '(-md2 -md5 -sha1)-mdc2[digest to use]' \ + '-extfile[configuration file with X509V3 extensions to add]' \ + '-extensions[section from config file with X509V3 extensions to add]' \ + '-clrext[delete extensions before signing and input certificate]' \ + '*-nameopt[various certificate name options]:options:_nameopts' \ + '-engine[use the specified engine, possibly a hardware device]:engine:_engines' \ + '*-certopt[various certificate text options]:options:_certopts' +} + + +_pass_phrase_source() { + # pass:password + # env:var + # file:pathname + # fd:number + # stdin + _values -S : 'pass phrase source' \ + 'pass[obtain the password from the command line]:password: ' \ + 'env[obtain the password from the environment variable var]:var:_parameters -g "*export*"' \ + 'file[obtain the password from a file]:file:_files' \ + 'fd[read the password from the file descriptor number]:number: ' \ + 'stdin[read the password from standard input]' +} + + +_rand_files() { + # FIXME: this does not allow using multiple files separated by : + # the following would probably work, but how to generate $files? + #_values -s : -S ' ' 'random source file or directory' ${files} + _files +} + + +_engines() { + # openssl engines + local engines + engines=(${${${(@f)"$(_call_program engines openssl engine)"}%)*}#\(}) + _values 'engines' ${engines} +} + + +_list_ciphers() { + # openssl ciphers + local ciphers + # add cipher suites + ciphers=(${(@s/:/)"$(_call_program ciphers openssl ciphers)"}) + # add static cipher strings + ciphers=(${ciphers} \ + 'DEFAULT[the default cipher list]' \ + 'COMPLEMENTOFDEFAULT[the ciphers included in ALL but not enabled by default]' \ + 'ALL[all cipher suites except the eNULL ciphers]' \ + 'COMPLEMENTOFALL[the cipher suites not enabled by ALL]' \ + 'HIGH["high" encryption cipher suites]' \ + 'MEDIUM["medium" encryption cipher suites]' \ + 'LOW["low" encryption cipher suites]' \ + {EXP,EXPORT}'[export encryption algorithms]' \ + 'EXPORT40[40 bit export encryption algorithms]' \ + 'EXPORT56[56 bit export encryption algorithms]' \ + {eNULL,NULL}'[ciphers offering no encryption]' \ + 'aNULL[ciphers offering no authentication]' \ + {kRSA,RSA}'[cipher suites rusing RSA key exchange]' \ + 'kDHr[cipher suites using DH key agreement signed by CAs with RSA keys]' \ + 'kDHd[cipher suites using DH key agreement signed by CAs with DSS keys]' \ + 'kDH[cipher suites using DH key agreement]' \ + {kDHE,kEDH}'[cipher suites using ephemeral DH key agreement, including anonymous cipher suites]' \ + {DHE,EDH}'[cipher suites using authenticated ephemeral DH key agreement]' \ + 'ADH[anonymous DH cipher suites, not including anonymous ECDH ciphers]' \ + 'DH[cipher suites using DH, including anonymous DH, ephemeral DH and fixed DH]' \ + 'kECDHr[cipher suites using fixed ECDH key agreement signed by CAs with RSA keys]' \ + 'kECDHe[cipher suites using fixed ECDH key agreement signed by CAs with ECDSA keys]' \ + 'kECDH[cipher suites using fixed ECDH key agreement]' \ + {kECDHE,kEECDH}'[cipher suites using ephemeral ECDH key agreement, including anonymous cipher suites]' \ + {ECDHE,kEECDH}'[cipher suites using authenticated ephemeral ECDH key agreement]' \ + 'AECDH[anonymous Elliptic Curve Diffie Hellman cipher suites]' \ + 'ECDH[cipher suites using ECDH key exchange, including anonymous, ephemeral and fixed ECDH]' \ + 'aRSA[cipher suites using RSA authentication]' \ + {aDSS,DSS}'[cipher suites using DSS authentication]' \ + 'aDH[cipher suites effectively using DH authentication]' \ + 'aECDH[cipher suites effectively using ECDH authentication]' \ + {aECDSA,ECDSA}'[cipher suites using ECDSA authentication]' \ + 'TLSv1.2[TLSv1.2 cipher suites]' \ + 'TLSv1[TLSv1.0 cipher suites]' \ + 'SSLv3[SSLv3.0 cipher suites]' \ + 'SSLv2[SSLv2.0 cipher suites]' \ + 'AES128[cipher suites using 128 bit AES]' \ + 'AES256[cipher suites using 256 bit AES]' \ + 'AES[cipher suites using AES]' \ + 'AESGCM[AES in Galois Counter Mode (GCM)]' \ + 'CAMELLIA128[cipher suites using 128 bit CAMELLIA]' \ + 'CAMELLIA256[cipher suites using 256 bit CAMELLIA]' \ + 'CAMELLIA[cipher suites using CAMELLIA]' \ + '3DES[cipher suites using triple DES]' \ + 'DES[cipher suites using DES (not triple DES)]' \ + 'RC4[cipher suites using RC4]' \ + 'RC2[cipher suites using RC2]' \ + 'IDEA[cipher suites using IDEA]' \ + 'SEED[cipher suites using SEED]' \ + 'MD5[cipher suites using MD5]' \ + {SHA1,SHA}'[cipher suites using SHA1]' \ + 'SHA256[cipher suites using SHA256]' \ + 'SHA384[cipher suites using SHA284]' \ + 'aGOST[cipher suites using GOST R 34.10 for authenticaction]' \ + 'aGOST01[cipher suites using GOST R 34.10-2001 authentication]' \ + 'aGOST94[cipher suites using GOST R 34.10-94 authentication]' \ + 'kGOST[cipher suites, using VKO 34.10 key exchange]' \ + 'GOST94[cipher suites, using HMAC based on GOST R 34.11-94]' \ + 'GOST89MAC[cipher suites using GOST 28147-89 MAC instead of HMAC]' \ + 'PSK[cipher suites using pre-shared keys (PSK)]' \ + 'SUITEB128[suite B mode operation using 128 or 192 bit level of security]' \ + 'SUITEB128ONLY[suite B mode operation using 128 bit level of security]' \ + 'SUITEB192[suite B mode operation using 192 bit level of security]' \ + ) + # FIXME: support !, + and - before each cipher suite + _values -s : 'cipher suite' ${ciphers} +} + + +_list_curves() { + # openssl ecparam -list_curves + local curves not_curves + curves="$(_call_program list_curves openssl ecparam -list_curves)" + # identify lines that do not contain curve names but only descriptions + not_curves=(${${(f)curves[@]}:#*:*}) + # remove non-curve lines, trailing descriptions and leading spaces + curves=(${${${${(f)curves[@]}:|not_curves}%:*}##* }) + _values 'named curves' ${curves} +} + + +_list_message_digest_algorithms() { + # openssl list-message-digest-algorithms + local algorithms + algorithms=(${${(@f)"$(_call_program message_digest_algorithms openssl list-message-digest-algorithms)"}%% *}) + _values 'message digest algorithms' ${algorithms} +} + + +_nameopts() { + _values -s ',' -w 'nameopts' \ + '(-compat compat)'{-compat,compat}'[use the old format. This is equivalent to specifying no name options at all]' \ + '(-RFC2253 RFC2253)'{-RFC2253,RFC2253}'[displays names compatible with RFC2253 equivalent to esc_2253, esc_ctrl, esc_msb, utf8, dump_nostr, dump_unknown, dump_der, sep_comma_plus, dn_rev and sname]' \ + '(-oneline oneline)'{-oneline,oneline}'[a oneline format which is more readable than RFC2253. Equivalent to esc_2253, esc_ctrl, esc_msb, utf8, dump_nostr, dump_der, use_quote, sep_comma_plus_space, space_eq and sname options]' \ + '(-multiline multiline)'{-multiline,multiline}'[a multiline format. Equivalent to esc_ctrl, esc_msb, sep_multiline, space_eq, lname and align]' \ + '(-esc_2253 esc_2253)'{-esc_2253,esc_2253}'[escape the "special" characters required by RFC2253 in a field]' \ + '(-esc_ctrl esc_ctrl)'{-esc_ctrl,esc_ctrl}'[escape control characters]' \ + '(-esc_msb esc_msb)'{-esc_msb,esc_msb}'[escape characters with the MSB set]' \ + '(-use_quote use_quote)'{-use_quote,use_quote}'[escapes some characters by surrounding the whole string with " characters]' \ + '(-utf8 utf8)'{-utf8,utf8}'[convert all strings to UTF8 format first]' \ + '(-ignore_type ignore_type)'{-ignore_type,ignore_type}'[this option does not attempt to interpret multibyte characters in any way]' \ + '(-show_type show_type)'{-show_type,show_type}'[show the type of the ASN1 character string]' \ + '(-dump_der dump_der)'{-dump_der,dump_der}'[use DER encoding when hexdumping fields]' \ + '(-dump_nostr dump_nostr)'{-dump_nostr,dump_nostr}'[dump non character string types]' \ + '(-dump_all dump_all)'{-dump_all,dump_all}'[dump all fields]' \ + '(-dump_unknown dump_unknown)'{-dump_unknown,dump_unknown}'[dump any field whose OID is not recognised by OpenSSL]' \ + '(-sep_comma_plus sep_comma_plus)'{-sep_comma_plus,sep_comma_plus}'[these options determine the field separators]' \ + '(-sep_comma_plus_space sep_comma_plus_space)'{-sep_comma_plus_space,sep_comma_plus_space}'[these options determine the field separators]' \ + '(-sep_semi_plus_space sep_semi_plus_space)'{-sep_semi_plus_space,sep_semi_plus_space}'[these options determine the field separators]' \ + '(-sep_multiline sep_multiline)'{-sep_multiline,sep_multiline}'[these options determine the field separators]' \ + '(-dn_rev dn_rev)'{-dn_rev,dn_rev}'[reverse the fields of the DN]' \ + '(-nofname nofname)'{-nofname,nofname}'[do not display field names]' \ + '(-sname sname)'{-sname,sname}'[display field names in short form]' \ + '(-lname lname)'{-lname,lname}'[display field names in long form]' \ + '(-oid oid)'{-oid,oid}'[display field names in numerical form]' \ + '(-align align)'{-align,align}'[align field values for a more readable output. Only usable with sep_multiline]' \ + '(-space_eq space_eq)'{-space_eq,space_eq}'[places spaces around the = character which follows the field name]' +} + + +_certopts() { + _values -s ',' -w 'certopts' \ + 'compatible[use the old format. This is equivalent to specifying no output options at all]' \ + "no_header[don't print header information: that is the lines saying \"Certificate\" and \"Data\"]" \ + "no_version[don't print out the version number]" \ + "no_serial[don't print out the serial number]" \ + "no_signame[don't print out the signature algorithm used]" \ + "no_validity[don't print the validity, that is the notBefore and notAfter fields]" \ + "no_subject[don't print out the subject name]" \ + "no_issuer[don't print out the issuer name]" \ + "no_pubkey[don't print out the public key]" \ + "no_sigdump[don't give a hexadecimal dump of the certificate signature]" \ + "no_aux[don't print out certificate trust information]" \ + "no_extensions[don't print out any X509V3 extensions]" \ + 'ext_default[retain default extension behaviour: attempt to print out unsupported certificate extensions]' \ + 'ext_error[print an error message for unsupported certificate extensions]' \ + 'ext_parse[ASN1 parse unsupported extensions]' \ + 'ext_dump[hex dump unsupported extensions]' \ + '(no_issuer no_pubkey no_header no_version no_sigdump no_signame)ca_default[the value used by the ca utility, equivalent to no_issuer, no_pubkey, no_header, no_version, no_sigdump and no_signame]' +} + + +_openssl "$@" + +# vim: ft=zsh sw=2 ts=2 et diff --git a/dotfiles/zsh/completion/_pass b/dotfiles/zsh/completion/_pass new file mode 100644 index 0000000..858f217 --- /dev/null +++ b/dotfiles/zsh/completion/_pass @@ -0,0 +1,134 @@ +#compdef pass +#autoload + +# Copyright (C) 2012 - 2014: +# Johan Venant +# Brian Mattern +# Jason A. Donenfeld . +# All Rights Reserved. +# This file is licensed under the GPLv2+. Please see COPYING for more information. + + +_pass () { + local cmd + if (( CURRENT > 2)); then + cmd=${words[2]} + # Set the context for the subcommand. + curcontext="${curcontext%:*:*}:pass-$cmd" + # Narrow the range of words we are looking at to exclude `pass' + (( CURRENT-- )) + shift words + # Run the completion for the subcommand + case "${cmd}" in + init) + _arguments : \ + "-p[gpg-id will only be applied to this subfolder]" \ + "--path[gpg-id will only be applied to this subfolder]" + _pass_complete_keys + ;; + ls|list|edit) + _pass_complete_entries_with_subdirs + ;; + insert) + _arguments : \ + "-e[echo password to console]" \ + "--echo[echo password to console]" \ + "-m[multiline]" \ + "--multiline[multiline]" + _pass_complete_entries_with_subdirs + ;; + generate) + _arguments : \ + "-n[don't include symbols in password]" \ + "--no-symbols[don't include symbols in password]" \ + "-c[copy password to the clipboard]" \ + "--clip[copy password to the clipboard]" \ + "-f[force overwrite]" \ + "--force[force overwrite]" \ + "-i[replace first line]" \ + "--in-place[replace first line]" + _pass_complete_entries_with_subdirs + ;; + cp|copy|mv|rename) + _arguments : \ + "-f[force rename]" \ + "--force[force rename]" + _pass_complete_entries_with_subdirs + ;; + rm) + _arguments : \ + "-f[force deletion]" \ + "--force[force deletion]" \ + "-r[recursively delete]" \ + "--recursive[recursively delete]" + _pass_complete_entries_with_subdirs + ;; + git) + local -a subcommands + subcommands=( + "init:Initialize git repository" + "push:Push to remote repository" + "pull:Pull from remote repository" + "config:Show git config" + "log:Show git log" + "reflog:Show git reflog" + ) + _describe -t commands 'pass git' subcommands + ;; + show|*) + _pass_cmd_show + ;; + esac + else + local -a subcommands + subcommands=( + "init:Initialize new password storage" + "ls:List passwords" + "find:Find password files or directories based on pattern" + "grep:Search inside decrypted password files for matching pattern" + "show:Decrypt and print a password" + "insert:Insert a new password" + "generate:Generate a new password using pwgen" + "edit:Edit a password with \$EDITOR" + "mv:Rename the password" + "cp:Copy the password" + "rm:Remove the password" + "git:Call git on the password store" + "version:Output version information" + "help:Output help message" + ) + _describe -t commands 'pass' subcommands + _arguments : \ + "--version[Output version information]" \ + "--help[Output help message]" + _pass_cmd_show + fi +} + +_pass_cmd_show () { + _arguments : \ + "-c[put it on the clipboard]" \ + "--clip[put it on the clipboard]" + _pass_complete_entries +} +_pass_complete_entries_helper () { + local IFS=$'\n' + local prefix="${PASSWORD_STORE_DIR:-$HOME/.password-store}" + _values -C 'passwords' ${$(find -L "$prefix" \( -name .git -o -name .gpg-id \) -prune -o $@ -print 2>/dev/null | sed -e "s#${prefix}/\{0,1\}##" -e 's#\.gpg##' | sort):-""} +} + +_pass_complete_entries_with_subdirs () { + _pass_complete_entries_helper +} + +_pass_complete_entries () { + _pass_complete_entries_helper -type f +} + +_pass_complete_keys () { + local IFS=$'\n' + # Extract names and email addresses from gpg --list-keys + _values 'gpg keys' $(gpg2 --list-secret-keys --with-colons | cut -d : -f 10 | sort -u | sed '/^$/d') +} + +_pass -- cgit v1.2.1