From cd7186c5a6caa94d43903341398edd26e33250af Mon Sep 17 00:00:00 2001 From: Duncan Mac-Vicar P Date: Thu, 15 Oct 2009 16:52:01 +0200 Subject: [PATCH] - pass http/ftp/proxy credentials in a temporary file instead of the command line, which is logged. --- zypp/media/MediaAria2c.cc | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-) diff --git a/zypp/media/MediaAria2c.cc b/zypp/media/MediaAria2c.cc index 0118cca..7a6b150 100644 --- a/zypp/media/MediaAria2c.cc +++ b/zypp/media/MediaAria2c.cc @@ -13,7 +13,7 @@ #include #include #include - +#include #include #include "zypp/base/Logger.h" @@ -30,6 +30,8 @@ #include "zypp/ZYppFactory.h" #include "zypp/ZConfig.h" +#include "zypp/TmpPath.h" + #include "zypp/media/MediaAria2c.h" #include "zypp/media/proxyinfo/ProxyInfos.h" #include "zypp/media/ProxyInfo.h" @@ -84,10 +86,17 @@ MediaAria2c::existsAria2cmd() */ void fillAriaCmdLine( const string &ariaver, const TransferSettings &s, + filesystem::TmpPath &credentials, const Url &url, const Pathname &destination, ExternalProgram::Arguments &args ) { + + // options that are not passed in the command line + // like credentials, every string is in the + // opt=val format + list file_options; + args.push_back(ARIA_BINARY); args.push_back(str::form("--user-agent=%s", s.userAgentString().c_str())); args.push_back("--summary-interval=1"); @@ -148,18 +157,18 @@ void fillAriaCmdLine( const string &ariaver, else { if ( url.getScheme() == "ftp" ) - args.push_back(str::form("--ftp-user=%s", s.username().c_str() )); + file_options.push_back(str::form("ftp-user=%s", s.username().c_str() )); else if ( url.getScheme() == "http" || url.getScheme() == "https" ) - args.push_back(str::form("--http-user=%s", s.username().c_str() )); + file_options.push_back(str::form("http-user=%s", s.username().c_str() )); if ( s.password().size() ) { if ( url.getScheme() == "ftp" ) - args.push_back(str::form("--ftp-passwd=%s", s.password().c_str() )); + file_options.push_back(str::form("ftp-passwd=%s", s.password().c_str() )); else if ( url.getScheme() == "http" || url.getScheme() == "https" ) - args.push_back(str::form("--http-passwd=%s", s.password().c_str() )); + file_options.push_back(str::form("http-passwd=%s", s.password().c_str() )); } } @@ -168,15 +177,28 @@ void fillAriaCmdLine( const string &ariaver, args.push_back(str::form("--http-proxy=%s", s.proxy().c_str() )); if ( ! s.proxyUsername().empty() ) { - args.push_back(str::form("--http-proxy-user=%s", s.proxyUsername().c_str() )); + file_options.push_back(str::form("http-proxy-user=%s", s.proxyUsername().c_str() )); if ( ! s.proxyPassword().empty() ) - args.push_back(str::form("--http-proxy-passwd=%s", s.proxyPassword().c_str() )); + file_options.push_back(str::form("http-proxy-passwd=%s", s.proxyPassword().c_str() )); } } if ( ! destination.empty() ) args.push_back(str::form("--dir=%s", destination.c_str())); + // now append the file if there are hidden options + if ( ! file_options.empty() ) + { + filesystem::TmpFile tmp; + ofstream outs( tmp.path().c_str() ); + for_( it, file_options.begin(), file_options.end() ) + outs << *it << endl; + outs.close(); + + credentials = tmp; + args.push_back(str::form("--conf-path=%s", credentials.path().c_str())); + } + args.push_back(url.asString().c_str()); } @@ -277,7 +299,8 @@ void MediaAria2c::getFileCopy( const Pathname & filename , const Pathname & targ ExternalProgram::Arguments args; - fillAriaCmdLine(_aria2cVersion, _settings, fileurl, target.dirname(), args); + filesystem::TmpPath credentials; + fillAriaCmdLine(_aria2cVersion, _settings, credentials, fileurl, target.dirname(), args); do { -- 2.7.4