From: Philipp Gesang Date: Thu, 18 May 2017 11:44:07 +0000 (+0200) Subject: grab password from envp if not supplied on CLI X-Git-Tag: v2.2~7^2~109 X-Git-Url: http://developer.intra2net.com/git/?a=commitdiff_plain;h=ecb9676d0d0e29ae2888936a6a129f287c4ec123;p=python-delta-tar grab password from envp if not supplied on CLI In order to avoid the password showing up in full in the process table, pass it in the environment instead. Uses the environment variable PDTCRYPT_PASSWORD with both crypto.py and backup.py. --- diff --git a/backup.py b/backup.py index dc756fb..3ad0c88 100644 --- a/backup.py +++ b/backup.py @@ -85,8 +85,12 @@ if __name__ == "__main__": """) parser.add_argument("-t", "--targetpath", help="Target path directory.") parser.add_argument("-s", "--sourcepath", help="Source path directory.") - parser.add_argument("-p", "--password", default=None, - help="Password for symmetric encryption.") + epw = os.getenv ("PDTCRYPT_PASSWORD") + parser.add_argument("-p", "--password", + default=epw.strip () if epw is not None else None, + help="Password for symmetric encryption. " + "The environment variable PDTCRYPT_PASSWORD should " + "be preferred to this.") parser.add_argument("-v", "--volsize", default=None, help="Maximum volume size, in megabytes.") parser.add_argument("-r", "--restore", action='store_true', diff --git a/deltatar/crypto.py b/deltatar/crypto.py index f0af890..429cdbe 100755 --- a/deltatar/crypto.py +++ b/deltatar/crypto.py @@ -1590,6 +1590,13 @@ def parse_argv (argv): raise Unreachable if pw is None: + if PDTCRYPT_VERBOSE is True: + noise ("ERROR: no password specified, trying $PDTCRYPT_PASSWORD") + epw = os.getenv ("PDTCRYPT_PASSWORD") + if epw is not None: + pw = epw.strip () + + if pw is None: if subcommand == PDTCRYPT_SUB_SCRYPT: noise ("ERROR: scrypt hash mode requested but no password given") noise ("")