Blob Blame History Raw
From 5b7d6f911920043671ef8aa0a9e559bfb6f3a3c8 Mon Sep 17 00:00:00 2001
From: Jakub Filak <jfilak@redhat.com>
Date: Tue, 30 Sep 2014 01:46:07 +0200
Subject: [LIBREPORT PATCH 90/93] upload: read credentials from environment
 variables

We use environment variables for the per-user-configuration.

Adding new configuration options to the configuration file for
credentials doesn't make sense because the credentials can be part of
the URL (everything is plain text in the configuration file). But it
does make sense to add a support for environment variables which are
used to propagate the configuration from the GUI where the URL field is
plain text but the password field cannot be read.

Related to rhbz#1066486

Signed-off-by: Jakub Filak <jfilak@redhat.com>

Conflicts:
	doc/reporter-upload.txt
---
 doc/reporter-upload.txt            |  5 +++++
 src/plugins/report_Uploader.xml.in | 10 ++++++++++
 src/plugins/reporter-upload.c      | 24 +++++++++++++++++++++++-
 3 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/doc/reporter-upload.txt b/doc/reporter-upload.txt
index 8df7ea2..e813c58 100644
--- a/doc/reporter-upload.txt
+++ b/doc/reporter-upload.txt
@@ -68,6 +68,11 @@ the configuration file.
 'Upload_URL'::
    The URL where should be the tarball uploaded.
 
+'Upload_Username'::
+   User name for the upload URL
+
+'Upload_Password'::
+   Password for the upload URL
 
 SEE ALSO
 --------
diff --git a/src/plugins/report_Uploader.xml.in b/src/plugins/report_Uploader.xml.in
index df01e21..a136aad 100644
--- a/src/plugins/report_Uploader.xml.in
+++ b/src/plugins/report_Uploader.xml.in
@@ -19,6 +19,16 @@
             <_note-html>Examples:&#xA;ftp://[user[:pass]@]host/dir/[file.tar.gz]&#xA;scp://[user[:pass]@]host/dir/[file.tar.gz]&#xA;file:///dir/[file.tar.gz]</_note-html>
             <default-value></default-value>
         </option>
+        <option type="text" name="Upload_Username">
+            <_label>User name</_label>
+            <allow-empty>no</allow-empty>
+            <_description>Use this field if you do not want to have user name in URL</_description>
+        </option>
+        <option type="password" name="Upload_Password">
+            <_label>Password</_label>
+            <allow-empty>no</allow-empty>
+            <_description>Use this field if you do not want to have password in URL</_description>
+        </option>
         <advanced-options>
             <option type="text" name="http_proxy">
                 <_label>HTTP Proxy</_label>
diff --git a/src/plugins/reporter-upload.c b/src/plugins/reporter-upload.c
index 7783557..f934953 100644
--- a/src/plugins/reporter-upload.c
+++ b/src/plugins/reporter-upload.c
@@ -148,9 +148,31 @@ static int create_and_upload_archive(
     /* Upload from /tmp to /tmp + deletion -> BAD, exclude this possibility */
     if (url && url[0] && strcmp(url, "file://"LARGE_DATA_TMP_DIR"/") != 0)
     {
-        char *remote_name = upload_file(url, tempfile);
+        post_state_t *state = new_post_state(POST_WANT_ERROR_MSG);
+        state->username = getenv("Upload_Username");
+        char *password_inp = NULL;
+        if (state->username != NULL && state->username[0] != '\0')
+        {
+            /* Load Password only if Username is configured, it doesn't make */
+            /* much sense to load Password without Username. */
+            state->password = getenv("Upload_Password");
+            if (state->password == NULL && state->password[0] == '\0')
+            {
+                /* Be permissive and nice, ask only once and don't check */
+                /* the result. User can dismiss this prompt but the upload */
+                /* may work somehow??? */
+                char *msg = xasprintf(_("Please enter password for uploading:"), state->username);
+                state->password = password_inp = ask_password(msg);
+                free(msg);
+            }
+        }
+
+        char *remote_name = upload_file_ext(state, url, tempfile, UPLOAD_FILE_HANDLE_ACCESS_DENIALS);
+
         result = (remote_name == NULL); /* error if NULL */
         free(remote_name);
+        free(password_inp);
+        free_post_state(state);
         /* cleanup code will delete tempfile */
     }
     else
-- 
1.8.3.1