forked from TrueCloudLab/restic
Force restic to ask the password when adding a key.
As `restic key add` uses the same `ReadPasswordTwice()` as the rest of restic, it is sensitive to the environment variable RESTIC_PASSWORD or --password-file= override. When asking for the new key, temporary remove these 2 overrides, forcing the password to be asked.
This commit is contained in:
parent
608adf15a3
commit
d9b9bbd4a8
1 changed files with 11 additions and 1 deletions
|
@ -3,6 +3,7 @@ package main
|
|||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"github.com/restic/restic/internal/errors"
|
||||
"github.com/restic/restic/internal/repository"
|
||||
|
@ -59,7 +60,16 @@ func getNewPassword(gopts GlobalOptions) (string, error) {
|
|||
return testKeyNewPassword, nil
|
||||
}
|
||||
|
||||
return ReadPasswordTwice(gopts,
|
||||
// Since we already have an open repository, temporary remove the overrides
|
||||
// to prompt the user for their passwd
|
||||
oldPasswd := os.Getenv("RESTIC_PASSWORD")
|
||||
defer func() { os.Setenv("RESTIC_PASSWORD", oldPasswd) }()
|
||||
os.Unsetenv("RESTIC_PASSWORD")
|
||||
newopts := gopts
|
||||
newopts.password = ""
|
||||
newopts.PasswordFile = ""
|
||||
|
||||
return ReadPasswordTwice(newopts,
|
||||
"enter password for new key: ",
|
||||
"enter password again: ")
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue