Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Password stdin #271

Merged
merged 1 commit into from
Jul 13, 2017
Merged

Password stdin #271

merged 1 commit into from
Jul 13, 2017

Conversation

tych0
Copy link
Contributor

@tych0 tych0 commented Jun 29, 2017

Add a --password-stdin argument to the login command, and update the warning message from #270 to tell people about it.

fmt.Fprintf(dockerCli.Err(), "Using --password via the CLI is insecure. Use --password-stdin\n")
if opts.passwordStdin {
return errors.Errorf("--password and --password-stdin are mutually exclusive")
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if it would make sense to use -p - to mean stdin. Usually - is only for files, but maybe it would be ok to use that convention here as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would break everyone whose password was "-", so it seems better not to.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hopefully - is not an acceptable password on any registries, and they all require at least a few more characters..

if opts.passwordStdin {
if opts.user == "" {
return errors.Errorf("Must provide --username with --password-stdin")
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This doesn't seem to be a requirement for --password, why is it necessary for password-stdin ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you don't supply a username via --username, it asks via stdin, which then may eat parts of your password, depending on what characters it has in it (e.g. \n). Seems better to just disallow it to prevent confusion to me.

@codecov-io
Copy link

codecov-io commented Jul 3, 2017

Codecov Report

Merging #271 into master will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #271   +/-   ##
=======================================
  Coverage   48.68%   48.68%           
=======================================
  Files         186      186           
  Lines       12416    12416           
=======================================
  Hits         6045     6045           
  Misses       5996     5996           
  Partials      375      375

return err
}

if contents[len(contents)-1] == '\n' {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should still check that contents != "" before doing that.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also on Windows we have CRLF so we should test "\r\n" when running on windows.

Do we have helper functions for this @thaJeztah @vdemeester ?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point. in fact, we should probably just use the stdlib to do all of this. Fixed, thanks!

}

if contents[len(contents)-1] == '\n' {
opts.password = string(contents[:len(contents)-1])
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here for the CRLF, make sure we don't include the '\r'

}

opts.password = strings.TrimSuffix(string(contents), "\n")
if runtime.GOOS == "windows" {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason to limit this to Windows? The password could end up with a CR if it's piped from a file with DOS line endings, or pasted from a weird source. I don't think it will matter much in practice, but applying the same trimming on both platforms would be a slight simplification.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done, thanks.

@tych0
Copy link
Contributor Author

tych0 commented Jul 11, 2017

Ping. Any movement on this?

@n4ss
Copy link
Contributor

n4ss commented Jul 11, 2017

LGTM!

@n4ss
Copy link
Contributor

n4ss commented Jul 11, 2017

/cc @vdemeester

Copy link
Collaborator

@vdemeester vdemeester left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Design LGTM 👼

@@ -47,6 +51,27 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error {
ctx := context.Background()
clnt := dockerCli.Client()

if opts.password != "" {
fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should there be a period at the end of this? If Using --password via the CLI is insecure is formatted as a sentence, I think Use --password-stdin should be as well.

if opts.password != "" {
fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin")
if opts.passwordStdin {
return errors.Errorf("--password and --password-stdin are mutually exclusive")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

errors.New

And I'm wondering if there's a way to phrase this that's more friendly to people who don't speak english as a first language, but I don't have any good ideas right now.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure, I've left it as is now and fixed everything else. If someone has a better idea, let me know and I'll change it.


if opts.passwordStdin {
if opts.user == "" {
return errors.Errorf("Must provide --username with --password-stdin")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

errors.New.

This:

* conflicts with --password (naturally)
* conflicts with the absence of --username (both can't be grabbed by the
  stdin)
* strips a trailing newline off the password if it exists

Signed-off-by: Tycho Andersen <[email protected]>
@aaronlehmann
Copy link
Contributor

LGTM

Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM --password-stdin is a bit verbose, but don't have a better solution (perhaps a -i shortcut)?

We probably want this in 17.07, so I'm ok merging as-is, but we also need;

@tych0
Copy link
Contributor Author

tych0 commented Jul 13, 2017

Sure, I can work up docs patches, feel free to merge.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

8 participants