[pve-devel] [PATCH access-control 2/2] replace read_password with param_mapping
Dominik Csapak
d.csapak at proxmox.com
Tue Jun 12 12:33:49 CEST 2018
during this change, replace Term::ReadLine with PVE::PTY
we use this to only ask for the password once on
'pveum ticket'
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
PVE/CLI/pveum.pm | 30 ++++++++++++++++++++----------
debian/control | 1 -
test/auth-test.pl | 12 ++----------
3 files changed, 22 insertions(+), 21 deletions(-)
diff --git a/PVE/CLI/pveum.pm b/PVE/CLI/pveum.pm
index dbc3034..511cc83 100755
--- a/PVE/CLI/pveum.pm
+++ b/PVE/CLI/pveum.pm
@@ -8,7 +8,6 @@ use PVE::Cluster;
use PVE::SafeSyslog;
use PVE::AccessControl;
use File::Path qw(make_path remove_tree);
-use Term::ReadLine;
use PVE::INotify;
use PVE::RPCEnvironment;
use PVE::API2::User;
@@ -18,6 +17,7 @@ use PVE::API2::ACL;
use PVE::API2::AccessControl;
use PVE::JSONSchema qw(get_standard_option);
use PVE::CLIHandler;
+use PVE::PTY;
use base qw(PVE::CLIHandler);
@@ -25,16 +25,26 @@ sub setup_environment {
PVE::RPCEnvironment->setup_default_cli_env();
}
-sub read_password {
- # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
+sub param_mapping {
+ my ($name) = @_;
- my $term = new Term::ReadLine ('pveum');
- my $attribs = $term->Attribs;
- $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
- my $input = $term->readline('Enter new password: ');
- my $conf = $term->readline('Retype new password: ');
- die "Passwords do not match.\n" if ($input ne $conf);
- return $input;
+ my $mapping = {
+ 'change_password' => [
+ ['password', sub {
+ my ($value) = @_;
+ return $value if $value;
+ return PVE::PTY::get_confirmed_password();
+ }, '<password>', 1]
+ ],
+ 'create_ticket' => [
+ ['password', sub {
+ # do not accept values given on cmdline
+ return PVE::PTY::read_password('Enter password: ');
+ }, '<password>', 1]
+ ]
+ };
+
+ return $mapping->{$name};
}
our $cmddef = {
diff --git a/debian/control b/debian/control
index 07243f7..0f4d49b 100644
--- a/debian/control
+++ b/debian/control
@@ -22,7 +22,6 @@ Depends: libauthen-pam-perl,
libnet-ldap-perl,
libnet-ssleay-perl,
libpve-common-perl,
- libterm-readline-gnu-perl,
liburi-perl,
libwww-perl,
perl (>= 5.6.0-16),
diff --git a/test/auth-test.pl b/test/auth-test.pl
index 50a7f89..60429a9 100644
--- a/test/auth-test.pl
+++ b/test/auth-test.pl
@@ -1,21 +1,13 @@
#!/usr/bin/perl -w
use strict;
-use Term::ReadLine;
+use PVE::PTY;
use PVE::AccessControl;
my $username = shift;
die "Username missing" if !$username;
-sub read_password {
- my $term = new Term::ReadLine ('pveum');
- my $attribs = $term->Attribs;
- $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
- my $input = $term->readline('password: ');
- return $input;
-}
-
-my $password = read_password();
+my $password = PVE::PTY::read_password('password: ');
PVE::AccessControl::authenticate_user($username,$password);
print "Authentication Successful!!\n";
--
2.11.0
More information about the pve-devel
mailing list