Blob Blame History Raw
From 89ab50eb404664ac3522294f2f46a1c904a28abd Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones@redhat.com>
Date: Mon, 1 Jun 2020 17:35:58 +0100
Subject: [PATCH] v2v: nbdkit: Don't use password=- parameter (RHBZ#1842440).

This was broken with all nbdkit plugins, some in more ways than others.

Because we start nbdkit in the background and wait 30 seconds for it
to start running, the user had only 30 seconds to type in a password
before we timed out the process.  In addition with the VDDK plugin
password=- had been broken ever since we changed the plugin to use a
reexec
(https://www.redhat.com/archives/libguestfs/2020-June/msg00012.html).

The solution is to read the password ourselves and pass it to nbdkit
as a private file.

(cherry picked from commit 16b551c77c88219a2f68e2fc37daf2dc4d88e4ed)
---
 v2v/nbdkit_sources.ml | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/v2v/nbdkit_sources.ml b/v2v/nbdkit_sources.ml
index 47832011..f5e91911 100644
--- a/v2v/nbdkit_sources.ml
+++ b/v2v/nbdkit_sources.ml
@@ -142,7 +142,26 @@ let common_create ?bandwidth ?extra_debug ?extra_env password
     match password with
     | NoPassword -> cmd
     | AskForPassword ->
-       Nbdkit.add_arg cmd "password" "-"
+       (* Because we will start nbdkit in the background and then wait
+        * for 30 seconds for it to start up, we cannot use the
+        * password=- feature of nbdkit to read the password
+        * interactively (since in the words of the movie the user has
+        * only "30 seconds to comply").  In any case this feature broke
+        * in the VDDK plugin in nbdkit 1.18 and 1.20.  So in the
+        * AskForPassword case we read the password here.
+        *)
+       printf "password: ";
+       let open Unix in
+       let orig = tcgetattr stdin in
+       let tios = { orig with c_echo = false } in
+       tcsetattr stdin TCSAFLUSH tios; (* Disable echo. *)
+       let password = read_line () in
+       tcsetattr stdin TCSAFLUSH orig; (* Restore echo. *)
+       printf "\n";
+       let password_file = Filename.temp_file "v2vnbdkit" ".txt" in
+       unlink_on_exit password_file;
+       with_open_out password_file (fun chan -> output_string chan password);
+       Nbdkit.add_arg cmd "password" ("+" ^ password_file)
     | PasswordFile password_file ->
        Nbdkit.add_arg cmd "password" ("+" ^ password_file) in
 
-- 
2.18.4