Added support for entering passwords interactively.

2025-12-22 05:40:11 +01:00 · 2021-12-07 11:38:14 +01:00 · 2021-12-07 11:38:14 +01:00 · 19b4f1dfb2
commit 19b4f1dfb2
parent 9fb23892b6
3 changed files with 56 additions and 19 deletions
--- a/cmd/csaf_uploader/main.go
+++ b/cmd/csaf_uploader/main.go
@ -1,20 +1,24 @@
 package main

 import (
+	"fmt"
 	"log"
 	"os"

 	"github.com/jessevdk/go-flags"
 	"github.com/mitchellh/go-homedir"
+	"golang.org/x/crypto/ssh/terminal"
 )

 type options struct {
 	URL                   string  `short:"u" long:"url" description:"URL of the CSAF provider" default:"https://localhost/cgi-bin/csaf_provider.go" value-name:"URL"`
-	Password   *string `short:"P" long:"password" description:"Authentication password for accessing the CSAF provider" value-name:"PASSWORD"`
+	Password              *string `short:"p" long:"password" description:"Authentication password for accessing the CSAF provider" value-name:"PASSWORD"`
 	Key                   *string `short:"k" long:"key" description:"OpenPGP key to sign the CSAF files" value-name:"KEY-FILE"`
-	Passphrase *string `short:"p" long:"passphrase" description:"Passphrase to unlock the OpenPGP key" value-name:"PASSPHRASE"`
+	Passphrase            *string `short:"P" long:"passphrase" description:"Passphrase to unlock the OpenPGP key" value-name:"PASSPHRASE"`
 	Action                string  `short:"a" long:"action" choice:"upload" choice:"create" default:"upload" description:"Action to perform"`
 	Config                *string `short:"c" long:"config" description:"Path to config ini file" value-name:"INI-FILE"`
+	PasswordInteractive   bool    `short:"i" long:"password-interactive" description:"Enter password interactively" no-ini:"true"`
+	PassphraseInteractive bool    `short:"I" long:"passphrase-interacive" description:"Enter passphrase interactively" no-ini:"true"`
 }

 var iniPaths = []string{
@ -37,35 +41,50 @@ func findIniFile() string {
 	return ""
 }

-func main() {
-	var opts options
+func readInteractive(prompt string, pw **string) error {
+	fmt.Print(prompt)
+	p, err := terminal.ReadPassword(int(os.Stdin.Fd()))
+	if err != nil {
+		return err
+	}
+	ps := string(p)
+	*pw = &ps
+	return nil
+}

-	parser := flags.NewParser(&opts, flags.Default)
+func check(err error) {
+	if err != nil {
+		log.Fatalf("error: %v\n", err)
+	}
+}

-	args, err := parser.Parse()
+func checkParser(err error) {
 	if err != nil {
 		if e, ok := err.(*flags.Error); ok && e.Type == flags.ErrHelp {
 			os.Exit(0)
 		}
 		os.Exit(1)
 	}
+}
+
+func main() {
+	var opts options
+
+	parser := flags.NewParser(&opts, flags.Default)
+
+	args, err := parser.Parse()
+	checkParser(err)

 	if opts.Config != nil {
 		iniParser := flags.NewIniParser(parser)
 		iniParser.ParseAsDefaults = true
 		name, err := homedir.Expand(*opts.Config)
-		if err != nil {
-			log.Fatalf("error: %v\n", err)
-		}
-		if err := iniParser.ParseFile(name); err != nil {
-			os.Exit(1)
-		}
+		check(err)
+		checkParser(iniParser.ParseFile(name))
 	} else if iniFile := findIniFile(); iniFile != "" {
 		iniParser := flags.NewIniParser(parser)
 		iniParser.ParseAsDefaults = true
-		if err := iniParser.ParseFile(iniFile); err != nil {
-			os.Exit(1)
-		}
+		checkParser(iniParser.ParseFile(iniFile))
 	}

 	if opts.Key != nil {
@ -75,6 +94,22 @@ func main() {
 	log.Printf("url: %s\n", opts.URL)
 	log.Printf("action: %s\n", opts.Action)

+	if opts.PasswordInteractive {
+		check(readInteractive("Enter auth password: ", &opts.Password))
+	}
+
+	if opts.PassphraseInteractive {
+		check(readInteractive("Enter OpenPGP passphrase: ", &opts.Passphrase))
+	}
+
+	if opts.Password != nil {
+		log.Printf("password: '%s'\n", *opts.Password)
+	}
+
+	if opts.Passphrase != nil {
+		log.Printf("passphrase: '%s'\n", *opts.Passphrase)
+	}
+
 	for _, arg := range args {
 		log.Printf("arg: %s\n", arg)
 	}
--- a/go.mod
+++ b/go.mod
@ -20,5 +20,6 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/sirupsen/logrus v1.4.2 // indirect
 	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
+	golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 // indirect
 	golang.org/x/text v0.3.6 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -63,6 +63,7 @@ golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 h1:SrN+KX8Art/Sf4HNj6Zcz06G7VEz+7w9tdXTPOZ7+l4=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=