forked from TrueCloudLab/restic
Force restic to ask the password when adding a key.
As `restic key add` uses the same `ReadPasswordTwice()` as the rest of restic, it is sensitive to the environment variable RESTIC_PASSWORD or --password-file= override. When asking for the new key, temporary remove these 2 overrides, forcing the password to be asked.
This commit is contained in:
parent
608adf15a3
commit
d9b9bbd4a8
1 changed files with 11 additions and 1 deletions
|
@ -3,6 +3,7 @@ package main
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"os"
|
||||||
|
|
||||||
"github.com/restic/restic/internal/errors"
|
"github.com/restic/restic/internal/errors"
|
||||||
"github.com/restic/restic/internal/repository"
|
"github.com/restic/restic/internal/repository"
|
||||||
|
@ -59,7 +60,16 @@ func getNewPassword(gopts GlobalOptions) (string, error) {
|
||||||
return testKeyNewPassword, nil
|
return testKeyNewPassword, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return ReadPasswordTwice(gopts,
|
// Since we already have an open repository, temporary remove the overrides
|
||||||
|
// to prompt the user for their passwd
|
||||||
|
oldPasswd := os.Getenv("RESTIC_PASSWORD")
|
||||||
|
defer func() { os.Setenv("RESTIC_PASSWORD", oldPasswd) }()
|
||||||
|
os.Unsetenv("RESTIC_PASSWORD")
|
||||||
|
newopts := gopts
|
||||||
|
newopts.password = ""
|
||||||
|
newopts.PasswordFile = ""
|
||||||
|
|
||||||
|
return ReadPasswordTwice(newopts,
|
||||||
"enter password for new key: ",
|
"enter password for new key: ",
|
||||||
"enter password again: ")
|
"enter password again: ")
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue