From de4db62c5762e37e3d0d9aaf0bf921be80e65e58 Mon Sep 17 00:00:00 2001 From: Dominik Csapak Date: Tue, 26 May 2020 12:23:24 +0200 Subject: [PATCH] remotes: save passwords as base64 to avoid having arbitrary characters in the config (e.g. newlines) note that this breaks existings configs Signed-off-by: Dominik Csapak --- src/api2/config/remote.rs | 7 +++++-- src/config/remote.rs | 1 + 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/api2/config/remote.rs b/src/api2/config/remote.rs index 1a93c519..f30535a1 100644 --- a/src/api2/config/remote.rs +++ b/src/api2/config/remote.rs @@ -1,6 +1,7 @@ use anyhow::{bail, Error}; use serde_json::Value; use ::serde::{Deserialize, Serialize}; +use base64; use proxmox::api::{api, ApiMethod, Router, RpcEnvironment, Permission}; @@ -75,11 +76,13 @@ pub fn list_remotes( }, )] /// Create new remote. -pub fn create_remote(param: Value) -> Result<(), Error> { +pub fn create_remote(password: String, param: Value) -> Result<(), Error> { let _lock = crate::tools::open_file_locked(remote::REMOTE_CFG_LOCKFILE, std::time::Duration::new(10, 0))?; - let remote: remote::Remote = serde_json::from_value(param.clone())?; + let mut data = param.clone(); + data["password"] = Value::from(base64::encode(password.as_bytes())); + let remote: remote::Remote = serde_json::from_value(data)?; let (mut config, _digest) = remote::config()?; diff --git a/src/config/remote.rs b/src/config/remote.rs index 653904d1..82ac50ec 100644 --- a/src/config/remote.rs +++ b/src/config/remote.rs @@ -60,6 +60,7 @@ pub struct Remote { pub host: String, pub userid: String, #[serde(skip_serializing_if="String::is_empty")] + #[serde(with = "proxmox::tools::serde::string_as_base64")] pub password: String, #[serde(skip_serializing_if="Option::is_none")] pub fingerprint: Option,