Password stdin #271
Password stdin #271
Conversation
cli/command/registry/login.go
Outdated
| fmt.Fprintf(dockerCli.Err(), "Using --password via the CLI is insecure. Use --password-stdin\n") | ||
| if opts.passwordStdin { | ||
| return errors.Errorf("--password and --password-stdin are mutually exclusive") | ||
| } |
There was a problem hiding this comment.
I wonder if it would make sense to use -p - to mean stdin. Usually - is only for files, but maybe it would be ok to use that convention here as well.
There was a problem hiding this comment.
It would break everyone whose password was "-", so it seems better not to.
There was a problem hiding this comment.
Hopefully - is not an acceptable password on any registries, and they all require at least a few more characters..
cli/command/registry/login.go
Outdated
| if opts.passwordStdin { | ||
| if opts.user == "" { | ||
| return errors.Errorf("Must provide --username with --password-stdin") | ||
| } |
There was a problem hiding this comment.
This doesn't seem to be a requirement for --password, why is it necessary for password-stdin ?
There was a problem hiding this comment.
If you don't supply a username via --username, it asks via stdin, which then may eat parts of your password, depending on what characters it has in it (e.g. \n). Seems better to just disallow it to prevent confusion to me.
Codecov Report
@@ Coverage Diff @@
## master #271 +/- ##
=======================================
Coverage 48.68% 48.68%
=======================================
Files 186 186
Lines 12416 12416
=======================================
Hits 6045 6045
Misses 5996 5996
Partials 375 375 |
cli/command/registry/login.go
Outdated
| return err | ||
| } | ||
|
|
||
| if contents[len(contents)-1] == '\n' { |
There was a problem hiding this comment.
We should still check that contents != "" before doing that.
There was a problem hiding this comment.
Also on Windows we have CRLF so we should test "\r\n" when running on windows.
Do we have helper functions for this @thaJeztah @vdemeester ?
There was a problem hiding this comment.
Good point. in fact, we should probably just use the stdlib to do all of this. Fixed, thanks!
cli/command/registry/login.go
Outdated
| } | ||
|
|
||
| if contents[len(contents)-1] == '\n' { | ||
| opts.password = string(contents[:len(contents)-1]) |
There was a problem hiding this comment.
same here for the CRLF, make sure we don't include the '\r'
cli/command/registry/login.go
Outdated
| } | ||
|
|
||
| opts.password = strings.TrimSuffix(string(contents), "\n") | ||
| if runtime.GOOS == "windows" { |
There was a problem hiding this comment.
Any reason to limit this to Windows? The password could end up with a CR if it's piped from a file with DOS line endings, or pasted from a weird source. I don't think it will matter much in practice, but applying the same trimming on both platforms would be a slight simplification.
|
Ping. Any movement on this? |
|
LGTM! |
|
/cc @vdemeester |
cli/command/registry/login.go
Outdated
| @@ -47,6 +51,27 @@ func runLogin(dockerCli command.Cli, opts loginOptions) error { | |||
| ctx := context.Background() | |||
| clnt := dockerCli.Client() | |||
|
|
|||
| if opts.password != "" { | |||
| fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin") | |||
There was a problem hiding this comment.
Should there be a period at the end of this? If Using --password via the CLI is insecure is formatted as a sentence, I think Use --password-stdin should be as well.
cli/command/registry/login.go
Outdated
| if opts.password != "" { | ||
| fmt.Fprintln(dockerCli.Err(), "WARNING! Using --password via the CLI is insecure. Use --password-stdin") | ||
| if opts.passwordStdin { | ||
| return errors.Errorf("--password and --password-stdin are mutually exclusive") |
There was a problem hiding this comment.
errors.New
And I'm wondering if there's a way to phrase this that's more friendly to people who don't speak english as a first language, but I don't have any good ideas right now.
There was a problem hiding this comment.
Sure, I've left it as is now and fixed everything else. If someone has a better idea, let me know and I'll change it.
cli/command/registry/login.go
Outdated
|
|
||
| if opts.passwordStdin { | ||
| if opts.user == "" { | ||
| return errors.Errorf("Must provide --username with --password-stdin") |
This: * conflicts with --password (naturally) * conflicts with the absence of --username (both can't be grabbed by the stdin) * strips a trailing newline off the password if it exists Signed-off-by: Tycho Andersen <tycho@tycho.ws>
|
LGTM |
There was a problem hiding this comment.
LGTM --password-stdin is a bit verbose, but don't have a better solution (perhaps a -i shortcut)?
We probably want this in 17.07, so I'm ok merging as-is, but we also need;
- changes to the completion scripts https://github.com/docker/cli/tree/master/contrib/completion
- update to the documentation (https://github.com/docker/cli/blob/master/docs/reference/commandline/login.md)
- update to the man-page (https://github.com/docker/cli/blob/master/man/src/login.md)
|
Sure, I can work up docs patches, feel free to merge. |
Add a --password-stdin argument to the login command, and update the warning message from #270 to tell people about it.