diff --git a/src/bin/proxmox-backup-client.rs b/src/bin/proxmox-backup-client.rs index aa08ff06..5c234985 100644 --- a/src/bin/proxmox-backup-client.rs +++ b/src/bin/proxmox-backup-client.rs @@ -167,6 +167,7 @@ fn connect(server: &str, userid: &str) -> Result { let options = HttpClientOptions::new() .prefix(Some("proxmox-backup".to_string())) + .password_env(Some("PBS_PASSWORD".to_string())) .interactive(true) .fingerprint_cache(true) .ticket_cache(true); @@ -1476,6 +1477,7 @@ async fn try_get(repo: &BackupRepository, url: &str) -> Value { let options = HttpClientOptions::new() .prefix(Some("proxmox-backup".to_string())) + .password_env(Some("PBS_PASSWORD".to_string())) .interactive(false) .fingerprint_cache(true) .ticket_cache(true); diff --git a/src/client/http_client.rs b/src/client/http_client.rs index af14d41f..7472330c 100644 --- a/src/client/http_client.rs +++ b/src/client/http_client.rs @@ -33,6 +33,7 @@ pub struct AuthInfo { pub struct HttpClientOptions { prefix: Option, password: Option, + password_env: Option, fingerprint: Option, interactive: bool, ticket_cache: bool, @@ -46,6 +47,7 @@ impl HttpClientOptions { Self { prefix: None, password: None, + password_env: None, fingerprint: None, interactive: false, ticket_cache: false, @@ -64,6 +66,11 @@ impl HttpClientOptions { self } + pub fn password_env(mut self, password_env: Option) -> Self { + self.password_env = password_env; + self + } + pub fn fingerprint(mut self, fingerprint: Option) -> Self { self.fingerprint = fingerprint; self @@ -303,7 +310,7 @@ impl HttpClient { if let Some((ticket, _token)) = ticket_info { ticket } else { - Self::get_password(&username, options.interactive)? + Self::get_password(&username, options.interactive, options.password_env.clone())? } }; @@ -347,19 +354,22 @@ impl HttpClient { (*self.fingerprint.lock().unwrap()).clone() } - fn get_password(_username: &str, interactive: bool) -> Result { - use std::env::VarError::*; - match std::env::var("PBS_PASSWORD") { - Ok(p) => return Ok(p), - Err(NotUnicode(_)) => bail!("PBS_PASSWORD contains bad characters"), - Err(NotPresent) => { - // Try another method + fn get_password(username: &str, interactive: bool, password_env: Option) -> Result { + if let Some(password_env) = password_env { + use std::env::VarError::*; + match std::env::var(&password_env) { + Ok(p) => return Ok(p), + Err(NotUnicode(_)) => bail!(format!("{} contains bad characters", password_env)), + Err(NotPresent) => { + // Try another method + } } } // If we're on a TTY, query the user for a password if interactive && tty::stdin_isatty() { - return Ok(String::from_utf8(tty::read_password("Password: ")?)?); + let msg = format!("Password for \"{}\": ", username); + return Ok(String::from_utf8(tty::read_password(&msg)?)?); } bail!("no password input mechanism available");