Closed float0n closed 11 months ago
https://github.com/lastpass/lastpass-cli/issues/540 seems related
Hi, Same here. It's seems that certificate's thumbrint are stored here : https://github.com/lastpass/lastpass-cli/blob/master/pins.h
May be, you can update theses informations ?
I am also suddenly seeing this issue.
Hi, Same here. It's seems that certificate's thumbrint are stored here : https://github.com/lastpass/lastpass-cli/blob/master/pins.h
May be, you can update theses informations ?
Hello! Just for clarification, the maintainer is the one responsible for updating pins.h, correct? It's not something we, as users, can modify ourselves to resolve the issue, is it?
Hi, Same here. It's seems that certificate's thumbrint are stored here : https://github.com/lastpass/lastpass-cli/blob/master/pins.h
May be, you can update theses informations ?
Hello! Just for clarification, the maintainer is the one responsible for updating pins.h, correct? It's not something we, as users, can modify ourselves to resolve the issue, is it?
We might be able to gather the missing information by retrieving the fingerprints of each certificate and modifying the relevant file through a pull request. However, rebuilding the program and releasing the new version will still need to be done by the maintainers. Moreover, I believe they have all the necessary information in their possession. It remains to be seen how responsive they can be.
I did extract a pin from the cert presented to me using (echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
, popped that in a local copy of pins.h, rebuilt, and was able to log in.
So this really does look to be problem.
@NikitaCOEUR They do seem fairly responsive - my phonecall to support referred me to this issue tracker :D
I've just opened a support ticket via the portal for them to look into it...
I just got off the phone with support, extremely unhelpful they simply said "We don't support this" no explanation as to why or any other information.
I did extract a pin from the cert presented to me using
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
, popped that in a local copy of pins.h, rebuilt, and was able to log in.So this really does look to be problem.
I'm trying to find the file pins.h after installing the lastpass-cli, but I couldn't find it. Could you please add more details about where we should edit?
@aha-sage you need to pull down the repo and build it.
I did extract a pin from the cert presented to me using
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
, popped that in a local copy of pins.h, rebuilt, and was able to log in. So this really does look to be problem.I'm trying to find the file pins.h after installing the lastpass-cli, but I couldn't find it. Could you please add more details about where we should edit?
You'll have to build from source by cloning this repo first.
build instructions on a mac, you may need to run brew install cmake
git clone https://github.com/lastpass/lastpass-cli.git
cd lastpass-cli
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
# edit pins.h, prepend the results of the command above
make
mv build/lpass /usr/local/bin/lpass
I am getting this error after updating the pins.h and attempting to run make to build
CMake Error at /usr/local/Cellar/cmake/3.27.4/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:230 (message): Could NOT find PkgConfig (missing: PKG_CONFIG_EXECUTABLE) Call Stack (most recent call first): /usr/local/Cellar/cmake/3.27.4/share/cmake/Modules/FindPackageHandleStandardArgs.cmake:600 (_FPHSA_FAILURE_MESSAGE) /usr/local/Cellar/cmake/3.27.4/share/cmake/Modules/FindPkgConfig.cmake:99 (find_package_handle_standard_args) CMakeLists.txt:10 (find_package)
Steps to remediate (I'm on macOS):
cd [directory]
[directory] being the path of the downloaded repository. (echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
make
from Terminal.Note: on macOS, I received the following error:
"/bin/sh: cmake: command not found make: *** [build/Makefile] Error 127"
Which was resolved by installing cmake using Brew: brew install cmake
brew install pkg-config cmake
resolves the "Could NOT find PkgConfig" error as well
Its working for me now, Thanks everyone for your help. Summarization for mac users
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
brew install cmake
brew install pkg-config
make
sudo DESTDIR=~/Downloads/lastpass-cli/ make install
sudo mv ~/Downloads/lastpass-cli/usr/bin/lpass /usr/local/bin/lpass
Full instructions for Homebrew users who have a recipe development environment ready (homebrew-core checked out):
brew edit lastpass-cli
Add these blocks
## Insert this after the other patch call
patch :DATA
## Insert this at the end of lastpass-cli.rb
__END__
diff --git a/pins.h b/pins.h
index 7455574..d07703b 100644
--- a/pins.h
+++ b/pins.h
@@ -19,5 +19,7 @@ const char *PK_PINS[] = {
"SQAWwwYXoceSd8VNbiyxspGXEjFndkklEO2XzLMts10=",
/* future lastpass.eu backup (leaf) */
"qr2VCNpUi0PK80PfRyF7lFBIEU1Gzz931k03hrD+xGQ=",
+ /* intermittent fix 2023-08-29 for lastpass.com key */
+ "YDjIAXSYj+mh+25FGifAiKN4oNOAj+as6gQv4naQG0M=",
};
#endif
HOMEBREW_NO_INSTALL_FROM_API=1 brew reinstall -s lastpass-cli
Unable to build on Ubuntu 20.04.3, maybe I'm missing something obvious?
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-login.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-login.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-share.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-share.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/lpass.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/lpass.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/process.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/process.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/upload-queue.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/upload-queue.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/util.c.o:(.bss+0x0): multiple definition of `ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/util.c.o:(.bss+0x8): multiple definition of `ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
collect2: error: ld returned 1 exit status
make[3]: *** [CMakeFiles/lpass.dir/build.make:741: lpass] Error 1
make[3]: Leaving directory '/home/darmstrong/Projects/lastpass-cli/build'
make[2]: *** [CMakeFiles/Makefile2:88: CMakeFiles/lpass.dir/all] Error 2
make[2]: Leaving directory '/home/darmstrong/Projects/lastpass-cli/build'
make[1]: *** [Makefile:146: all] Error 2
make[1]: Leaving directory '/home/darmstrong/Projects/lastpass-cli/build'
make: *** [Makefile:8: all] Error 2
@gavinkingston, to make your build-from-source process work on Apple silicon, I had to override the binary in /opt/homebrew/bin/lpass
. A quick cross-platform tweak worked for me:
sudo mv ~/Downloads/lastpass-cli/usr/bin/lpass `which lpass`
Unable to build on Ubuntu 20.04.3, maybe I'm missing something obvious?
Try:
export CFLAGS="-fcommon"
make clean
make
@whatsupdox That was it, thank you!
You all are awesome :)
@gavinkingston tried your solution and I keep getting Segmentation fault: 11
when i run lpass login
- clone repo to local
- run this command in terminal to get the new key and add it to the pins.h file with the rest of them
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
brew install cmake
brew install pkg-config
- from the repo directory run
make
- from the repo directory run
sudo DESTDIR=~/Downloads/lastpass-cli/ make install
sudo mv ~/Downloads/lastpass-cli/usr/bin/lpass /usr/local/bin/lpass
For anyone who needs to script this patch (for example, if you have a docker container which builds lastpass cli, like my team does), here is a single line sed
command to append the change in a file:
export LASTPASS_SSH_REMOTE=`(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1`;sed -i "/\};/i \"$LASTPASS_SSH_REMOTE\"," /etc/lastpass-cli/pins.h
In our case the path we extract the source to is /etc/lastpass-cli
.
Steps to build, Fedora Linux:
git clone https://github.com/lastpass/lastpass-cli.git
cd lastpass-cli
# Copy the string that is outputted by this
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
# Paste the above string into pins.h into the "current lastpass.com primary (Thawte)" section, replacing the old one
vi pins.h
# Build, with appropriate flag
export CFLAGS="-fcommon"
make clean
make
# Test binary. Copy to where your old lpass binary lives if your login works.
./build/lpass login i-love-updating-certs@without-a-new-client-release.com
sudo cp build/lpass $(which lpass)
Steps to build, Fedora Linux:
git clone https://github.com/lastpass/lastpass-cli.git cd lastpass-cli # Copy the string that is outputted by this (echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1 # Paste the above string into pins.h into the "current lastpass.com primary (Thawte)" section, replacing the old one vi pins.h # Build, with appropriate flag export CFLAGS="-fcommon" make clean make # Test binary. Copy to where your old lpass binary lives if your login works. ./build/lpass login i-love-updating-certs@without-a-new-client-release.com sudo cp build/lpass $(which lpass)
This is a very nice solution and also working on macOS... However It looks to me as your are trusting/importing the public key of the new lastpass.com server certificate and not the new CA root certificate?
I think you should import the public key of the new GlobalSign ECC R5 CA root instead or else we will have the same issue next year when they renew the server certificate for lastpass.com again.
I've just tried to add the hash for the GlobalSign ECC R5 CA root to pins.h instead and it it working for me.
Regards, Jake
Please also open tickets via support so they are aware of the issue and this gets fixed.
I just got off the phone with support, extremely unhelpful they simply said "We don't support this" no explanation as to why or any other information.
I want to keep trusting them after the recent security breach, but breaking my workflows and refusing to have that fixed would be the final nail in the coffin. I'll wait the response for my ticket, but if I get the same one I'll be migrating to an alternative.
My organization has already moved to 1password. Regarding lastpass' supposed lack of support, they certainly have a lot of information on their support site about this unsupported utility.
Thanks to you smarter-than-me folks! Back to functioning.
@gavinkingston tried your solution and I keep getting
Segmentation fault: 11
when i runlpass login
- clone repo to local
- run this command in terminal to get the new key and add it to the pins.h file with the rest of them
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
brew install cmake
brew install pkg-config
- from the repo directory run
make
- from the repo directory run
sudo DESTDIR=~/Downloads/lastpass-cli/ make install
sudo mv ~/Downloads/lastpass-cli/usr/bin/lpass /usr/local/bin/lpass
I also got a segmentation fault (on an M1 mac). This comment fixed it for me: segfault on macOS Catalina
I opened a support case with LastPass as well.
v1.3.5 should be released soon with the certificate change. The change has been merged and there's PR recently merged named "Prepare for 1.3.5" which contains only this fix.
I've notified the Arch Linux package maintainer to ready to create a new release for that distribution once 1.3.5 is out.
@markstos Any insight into how HomeBrew will pick up the new release once it's made?
build instructions on a mac, you may need to run
brew install cmake
git clone https://github.com/lastpass/lastpass-cli.git cd lastpass-cli (echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1 # edit pins.h, prepend the results of the command above make mv build/lpass /usr/local/bin/lpass
For some reason I ran your command, but did not append it to pins.h
and it still worked...
For some reason I ran your command, but did not append it to
pins.h
and it still worked...
Source code has been updated, but a new release has not been published. Building from HEAD source is sufficient.
For macOS/homebrew users, until a new release is brewed, you can just
brew unlink lastpass-cli
brew install --head lastpass-cli
If anyone in Arch Linux is having this issue I thought I would leave these build instructions here to help.
sudo pacman -S base-devel
git clone https://github.com/lastpass/lastpass-cli.git
cd lastpass-cli
(echo | openssl s_client -servername lastpass.com -connect lastpass.com:443| openssl x509 -pubkey -noout | openssl pkey -pubin -outform der | openssl dgst -sha256 -binary | openssl enc -base64) 2>&1 | tail -1
# edit pins.h, prepend the results of the command above
export CFLAGS="-fcommon"
make
sudo make install
anyone know how to build this for linux (ubuntu 22.04) I am running into the following error.
[ 85%] Building C object CMakeFiles/lpass.dir/process.c.o
[ 88%] Building C object CMakeFiles/lpass.dir/session.c.o
[ 90%] Building C object CMakeFiles/lpass.dir/terminal.c.o
[ 92%] Building C object CMakeFiles/lpass.dir/upload-queue.c.o
[ 95%] Building C object CMakeFiles/lpass.dir/util.c.o
[ 97%] Building C object CMakeFiles/lpass.dir/xml.c.o
[100%] Linking C executable lpass
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-login.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/cmd-login.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd-share.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/cmd-share.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/cmd.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/cmd.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/lpass.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/lpass.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/process.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/process.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/upload-queue.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/upload-queue.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
/usr/bin/ld: CMakeFiles/lpass.dir/util.c.o:(.bss+0x0): multiple definition of ARGC'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x0): first defined here /usr/bin/ld: CMakeFiles/lpass.dir/util.c.o:(.bss+0x8): multiple definition of
ARGV'; CMakeFiles/lpass.dir/agent.c.o:(.bss+0x8): first defined here
collect2: error: ld returned 1 exit status
make[3]: *** [CMakeFiles/lpass.dir/build.make:741: lpass] Error 1
On ubuntu apt-get install pkg-config apt-get install libcurl4-openssl-dev apt-get install libxml2-dev make install
An updated build is pending on conda-forge
via https://github.com/conda-forge/staged-recipes/pull/23843
Once merged, the conda-forge
lastpass-cli builds for 1.3.3 will include the updated cert pin.
I created a simple python script to patch the current Ubuntu 22 version (and maybe others).
Save to a patch.py
python file, and run python3 patch.py $(which lpass)
to patch.
The script verifies the current version before patching.
import sys
import os
import hashlib
hashfile = lambda data: hashlib.sha1(data).hexdigest()
VERSIONS = [
# (name, input_sha1, output_sha1)
("1.3.3-4build1 (Ubuntu 22)", "b7a18df897cff95d52f6d3ec279c7b1d2caf798b", "e6cb221fca7f511eb91b1bb2fa6ea86347bf1fce"),
]
PATCHES = [
# current lastpass.com primary (leaf)
(b"0hkr5YW/WE6Nq5hNTcApxpuaiwlwy5HUFiOt3Qd9VBc=", b"YDjIAXSYj+mh+25FGifAiKN4oNOAj+as6gQv4naQG0M="),
# current lastpass.eu primary (leaf)
(b"8CzY4qWQKZjFDwHXTOIpsVfWkiVnrhQOJEM4Q2b2Ar4=", b"SjMnNhjAyVM5Yv6O5JaQgNygBTU0wdb8Jz3mfQfTc28="),
# GlobalSign ECC OV SSL CA 2018 intermediate CA
(b"SQAWwwYXoceSd8VNbiyxspGXEjFndkklEO2XzLMts10=", b"OD/WDbD3VsfMwwNzzy9MWd9JXppKB77Vb3ST2wn9meg="),
]
def main(filename):
orig_bin = open(filename, "rb").read()
current_hash = hashfile(orig_bin)
print("Detecting lpass version...")
expected_output_hash = None
for name, input_hash, output_hash in VERSIONS:
if input_hash == current_hash:
print("Detected version %s, with hash %s" % (name, input_hash,))
expected_output_hash = output_hash
break
else:
print("Unknown version with hash %s" % (current_hash,))
sys.exit(1)
print("Backing up original binary...")
open(filename + ".original.bak", "wb").write(orig_bin)
print("Creating patch...")
new_bin = orig_bin
for old_pk, new_pk in PATCHES:
new_bin = new_bin.replace(old_pk, new_pk)
print("Verifying patch...")
assert hashfile(new_bin) == expected_output_hash, \
"Patch verification failed, not patching"
open(filename + ".patched.bak", "wb").write(orig_bin)
print("Writing patch...")
open(filename, "wb").write(new_bin)
os.system("chmod +x %s" % (filename,))
print("Done!\n\n")
os.system("ls -l /usr/bin/lpass*")
os.system("sha1sum /usr/bin/lpass*")
if len(sys.argv) != 2:
print("Usage: patch.py LastPassBinaryPath")
sys.exit(1)
main(sys.argv[1])
@gavinkingston
anyone know how to build this for linux (ubuntu 22.04) I am running into the following error.
https://github.com/lastpass/lastpass-cli/issues/653#issuecomment-1697963674
@whatsupdox https://github.com/lastpass/lastpass-cli/issues/653#issuecomment-1700620331 I'm running 22.04 and this worked perfectly. Thanks @avshalomt2 made my day!
@nowakca See https://docs.brew.sh/How-To-Open-a-Homebrew-Pull-Request for how to open a pull request to notify the brew maintainers that their is a new release and for the formula should be updated.
v1.3.5 has been released by LastPass now. At this point, it's up OS packagers to package the new version.
https://github.com/lastpass/lastpass-cli/releases/tag/v1.3.5
Looks like the homebrew push went... Across my various test Macs which were in various phases of workarounds, the following was able to get them working again
brew update
brew unlink lastpass-cli
brew uninstall -f lastpass-cli
brew install lastpass-cli
I was able to login and access my vault.
Weirdly, even though homebrew's output showed 1.3.5, lpass --version
continues to show 1.3.4.GIT, even though it functions.
I haven't looked at what specfically the homebrew bit linked to, but something seems off. Though it still functioned. (just makes it hard to detect versions for update scripts)
I've opened a bug report for Fedora to bump their lastpass-cli
package 1.3.4 → 1.3.5.
Tracked for Ubuntu for a 1.3.5 bump at: https://bugs.launchpad.net/ubuntu/+source/lastpass-cli/+bug/2033664
Until the Arch Linux package is updated to 1.3.5, you can use the following steps to produce the same result on that OS.
cd
into that directory.makepkg --syncdeps
makepkg install
The result should be identical to what the official release would do once it is out.
pkgname=lastpass-cli
pkgver=1.3.5
pkgrel=1
pkgdesc="LastPass command line interface tool"
arch=('x86_64')
url="https://lastpass.com/"
license=('GPL2')
depends=('openssl' 'curl' 'libxml2')
makedepends=('asciidoc' 'cmake' 'bash-completion')
optdepends=('xclip: clipboard support'
'pinentry: securely read passwords')
source=("https://github.com/lastpass/lastpass-cli/archive/v$pkgver/$pkgname-$pkgver.tar.gz")
sha256sums=('2681d6305b39f610aa4e93017e43b78a5a2a9408b0c9798a9ea7ee8f2e2878c4')
build() {
cd "$srcdir"/$pkgname-$pkgver
CFLAGS+=' -fcommon' # https://wiki.gentoo.org/wiki/Gcc_10_porting_notes/fno_common
cmake . -DCMAKE_INSTALL_PREFIX="/usr"
make
}
package() {
cd "$srcdir"/$pkgname-$pkgver
make DESTDIR="$pkgdir" install install-doc
install -Dm0644 contrib/lpass_zsh_completion "$pkgdir"/usr/share/zsh/site-functions/_lpass
install -Dm0644 contrib/completions-lpass.fish "$pkgdir"/usr/share/fish/vendor_completions.d/lpass.fish
}
# vim:set ts=2 sw=2 et:
When running
lpass login john@doe.com
, I get Error: SSL peer certificate or SSH remote key was not OK.It appears the SSL certificate was updated earlier today, could this be related?