From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 5F3B566265 for ; Thu, 5 Nov 2020 12:13:16 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 54210173C4 for ; Thu, 5 Nov 2020 12:12:46 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [212.186.127.180]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS id A63BB173BA for ; Thu, 5 Nov 2020 12:12:45 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 6E8A045A58 for ; Thu, 5 Nov 2020 12:12:45 +0100 (CET) From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= To: pbs-devel@lists.proxmox.com Date: Thu, 5 Nov 2020 12:12:26 +0100 Message-Id: <20201105111226.4105475-6-f.gruenbichler@proxmox.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20201105111226.4105475-1-f.gruenbichler@proxmox.com> References: <20201105111226.4105475-1-f.gruenbichler@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.024 Adjusted score from AWL reputation of From: address KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_DNSWL_MED -2.3 Sender listed at https://www.dnswl.org/, medium trust SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [data.host, remote.rs] Subject: [pbs-devel] [RFC v2 proxmox-backup 5/5] remote.cfg: rename password to secret X-BeenThere: pbs-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox Backup Server development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2020 11:13:16 -0000 to make it a bit less confusing Signed-off-by: Fabian Grünbichler --- or split it into two entirely? not sure.. debian/postinst | 1 + src/api2/config/remote.rs | 22 +++++++++++----------- src/config/remote.rs | 8 ++++---- www/window/RemoteEdit.js | 8 ++++---- 4 files changed, 20 insertions(+), 19 deletions(-) diff --git a/debian/postinst b/debian/postinst index 6a0cf9fd..030b4021 100644 --- a/debian/postinst +++ b/debian/postinst @@ -34,6 +34,7 @@ case "$1" in flock -w 30 /etc/proxmox-backup/.remote.lck \ sed -i \ -e 's/^\s\+userid /\tauth-id /g' \ + -e 's/^\s\+password /\tsecret /g' \ /etc/proxmox-backup/remote.cfg || true fi fi diff --git a/src/api2/config/remote.rs b/src/api2/config/remote.rs index 29b14472..3b9c1427 100644 --- a/src/api2/config/remote.rs +++ b/src/api2/config/remote.rs @@ -43,7 +43,7 @@ pub fn list_remotes( let mut list: Vec = config.convert_to_typed_array("remote")?; // don't return password in api for remote in &mut list { - remote.password = "".to_string(); + remote.secret = "".to_string(); } let list = list @@ -81,8 +81,8 @@ pub fn list_remotes( "auth-id": { type: Authid, }, - password: { - schema: remote::REMOTE_PASSWORD_SCHEMA, + secret: { + schema: remote::REMOTE_SECRET_SCHEMA, }, fingerprint: { optional: true, @@ -95,12 +95,12 @@ pub fn list_remotes( }, )] /// Create new remote. -pub fn create_remote(password: String, param: Value) -> Result<(), Error> { +pub fn create_remote(secret: String, param: Value) -> Result<(), Error> { let _lock = open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0), true)?; let mut data = param.clone(); - data["password"] = Value::from(base64::encode(password.as_bytes())); + data["secret"] = Value::from(base64::encode(secret.as_bytes())); let remote: remote::Remote = serde_json::from_value(data)?; let (mut config, _digest) = remote::config()?; @@ -140,7 +140,7 @@ pub fn read_remote( ) -> Result { let (config, digest) = remote::config()?; let mut data: remote::Remote = config.lookup("remote", &name)?; - data.password = "".to_string(); // do not return password in api + data.secret = "".to_string(); // do not return password in api rpcenv["digest"] = proxmox::tools::digest_to_hex(&digest).into(); Ok(data) } @@ -182,9 +182,9 @@ pub enum DeletableProperty { optional: true, type: Authid, }, - password: { + secret: { optional: true, - schema: remote::REMOTE_PASSWORD_SCHEMA, + schema: remote::REMOTE_SECRET_SCHEMA, }, fingerprint: { optional: true, @@ -215,7 +215,7 @@ pub fn update_remote( host: Option, port: Option, auth_id: Option, - password: Option, + secret: Option, fingerprint: Option, delete: Option>, digest: Option, @@ -253,7 +253,7 @@ pub fn update_remote( if let Some(host) = host { data.host = host; } if port.is_some() { data.port = port; } if let Some(auth_id) = auth_id { data.auth_id = auth_id; } - if let Some(password) = password { data.password = password; } + if let Some(secret) = secret { data.secret = secret; } if let Some(fingerprint) = fingerprint { data.fingerprint = Some(fingerprint); } @@ -306,7 +306,7 @@ pub fn delete_remote(name: String, digest: Option) -> Result<(), Error> /// Helper to get client for remote.cfg entry pub async fn remote_client(remote: remote::Remote) -> Result { let options = HttpClientOptions::new() - .password(Some(remote.password.clone())) + .password(Some(remote.secret.clone())) .fingerprint(remote.fingerprint.clone()); let client = HttpClient::new( diff --git a/src/config/remote.rs b/src/config/remote.rs index 20fd39d4..ee537c9a 100644 --- a/src/config/remote.rs +++ b/src/config/remote.rs @@ -21,7 +21,7 @@ lazy_static! { static ref CONFIG: SectionConfig = init(); } -pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth token for remote host.") +pub const REMOTE_SECRET_SCHEMA: Schema = StringSchema::new("Password or auth token for remote host.") .format(&PASSWORD_FORMAT) .min_length(1) .max_length(1024) @@ -47,8 +47,8 @@ pub const REMOTE_PASSWORD_SCHEMA: Schema = StringSchema::new("Password or auth t "auth-id": { type: Authid, }, - password: { - schema: REMOTE_PASSWORD_SCHEMA, + secret: { + schema: REMOTE_SECRET_SCHEMA, }, fingerprint: { optional: true, @@ -69,7 +69,7 @@ pub struct Remote { pub auth_id: Authid, #[serde(skip_serializing_if="String::is_empty")] #[serde(with = "proxmox::tools::serde::string_as_base64")] - pub password: String, + pub secret: String, #[serde(skip_serializing_if="Option::is_none")] pub fingerprint: Option, } diff --git a/www/window/RemoteEdit.js b/www/window/RemoteEdit.js index 4a4d8114..b65f2da6 100644 --- a/www/window/RemoteEdit.js +++ b/www/window/RemoteEdit.js @@ -22,7 +22,7 @@ Ext.define('PBS.window.RemoteEdit', { me.method = name ? 'PUT' : 'POST'; me.autoLoad = !!name; return { - passwordEmptyText: me.isCreate ? '' : gettext('Unchanged'), + secretEmptyText: me.isCreate ? '' : gettext('Unchanged'), }; }, @@ -97,10 +97,10 @@ Ext.define('PBS.window.RemoteEdit', { { xtype: 'textfield', inputType: 'password', - fieldLabel: gettext('Password'), - name: 'password', + fieldLabel: gettext('Password')+'/'+gettext('Secret'), + name: 'secret', cbind: { - emptyText: '{passwordEmptyText}', + emptyText: '{secretEmptyText}', allowBlank: '{!isCreate}', }, }, -- 2.20.1