[pve-devel] [PATCH access-control 2/2] replace read_password with param_mapping

Dominik Csapak d.csapak at proxmox.com
Tue Jun 12 12:33:49 CEST 2018


during this change, replace Term::ReadLine with PVE::PTY
we use this to only ask for the password once on
'pveum ticket'

Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
 PVE/CLI/pveum.pm  | 30 ++++++++++++++++++++----------
 debian/control    |  1 -
 test/auth-test.pl | 12 ++----------
 3 files changed, 22 insertions(+), 21 deletions(-)

diff --git a/PVE/CLI/pveum.pm b/PVE/CLI/pveum.pm
index dbc3034..511cc83 100755
--- a/PVE/CLI/pveum.pm
+++ b/PVE/CLI/pveum.pm
@@ -8,7 +8,6 @@ use PVE::Cluster;
 use PVE::SafeSyslog;
 use PVE::AccessControl;
 use File::Path qw(make_path remove_tree);
-use Term::ReadLine;
 use PVE::INotify;
 use PVE::RPCEnvironment;
 use PVE::API2::User;
@@ -18,6 +17,7 @@ use PVE::API2::ACL;
 use PVE::API2::AccessControl;
 use PVE::JSONSchema qw(get_standard_option);
 use PVE::CLIHandler;
+use PVE::PTY;
 
 use base qw(PVE::CLIHandler);
 
@@ -25,16 +25,26 @@ sub setup_environment {
     PVE::RPCEnvironment->setup_default_cli_env();
 }
 
-sub read_password {
-    # return $ENV{PVE_PW_TICKET} if defined($ENV{PVE_PW_TICKET});
+sub param_mapping {
+    my ($name) = @_;
 
-    my $term = new Term::ReadLine ('pveum');
-    my $attribs = $term->Attribs;
-    $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
-    my $input = $term->readline('Enter new password: ');
-    my $conf = $term->readline('Retype new password: ');
-    die "Passwords do not match.\n" if ($input ne $conf);
-    return $input;
+    my $mapping = {
+	'change_password' => [
+	    ['password', sub {
+		my ($value) = @_;
+		return $value if $value;
+		return PVE::PTY::get_confirmed_password();
+	    }, '<password>', 1]
+	],
+	'create_ticket' => [
+	    ['password', sub {
+		# do not accept values given on cmdline
+		return PVE::PTY::read_password('Enter password: ');
+	    }, '<password>', 1]
+	]
+    };
+
+    return $mapping->{$name};
 }
 
 our $cmddef = {
diff --git a/debian/control b/debian/control
index 07243f7..0f4d49b 100644
--- a/debian/control
+++ b/debian/control
@@ -22,7 +22,6 @@ Depends: libauthen-pam-perl,
          libnet-ldap-perl,
          libnet-ssleay-perl,
          libpve-common-perl,
-         libterm-readline-gnu-perl,
          liburi-perl,
          libwww-perl,
          perl (>= 5.6.0-16),
diff --git a/test/auth-test.pl b/test/auth-test.pl
index 50a7f89..60429a9 100644
--- a/test/auth-test.pl
+++ b/test/auth-test.pl
@@ -1,21 +1,13 @@
 #!/usr/bin/perl -w
 
 use strict;
-use Term::ReadLine;
+use PVE::PTY;
 use PVE::AccessControl;
 
 my $username = shift;
 die "Username missing" if !$username;
-sub read_password {
 
-    my $term = new Term::ReadLine ('pveum');
-    my $attribs = $term->Attribs;
-    $attribs->{redisplay_function} = $attribs->{shadow_redisplay};
-    my $input = $term->readline('password: ');
-    return $input;
-}
-
-my $password = read_password();
+my $password = PVE::PTY::read_password('password: ');
 PVE::AccessControl::authenticate_user($username,$password);
 
 print "Authentication Successful!!\n";
-- 
2.11.0




More information about the pve-devel mailing list