Blame SOURCES/0008-v2v-nbdkit-Don-t-use-password-parameter-RHBZ-1842440.patch

7ed5e3
From 89ab50eb404664ac3522294f2f46a1c904a28abd Mon Sep 17 00:00:00 2001
7ed5e3
From: "Richard W.M. Jones" <rjones@redhat.com>
7ed5e3
Date: Mon, 1 Jun 2020 17:35:58 +0100
7ed5e3
Subject: [PATCH] v2v: nbdkit: Don't use password=- parameter (RHBZ#1842440).
7ed5e3
7ed5e3
This was broken with all nbdkit plugins, some in more ways than others.
7ed5e3
7ed5e3
Because we start nbdkit in the background and wait 30 seconds for it
7ed5e3
to start running, the user had only 30 seconds to type in a password
7ed5e3
before we timed out the process.  In addition with the VDDK plugin
7ed5e3
password=- had been broken ever since we changed the plugin to use a
7ed5e3
reexec
7ed5e3
(https://www.redhat.com/archives/libguestfs/2020-June/msg00012.html).
7ed5e3
7ed5e3
The solution is to read the password ourselves and pass it to nbdkit
7ed5e3
as a private file.
7ed5e3
7ed5e3
(cherry picked from commit 16b551c77c88219a2f68e2fc37daf2dc4d88e4ed)
7ed5e3
---
7ed5e3
 v2v/nbdkit_sources.ml | 21 ++++++++++++++++++++-
7ed5e3
 1 file changed, 20 insertions(+), 1 deletion(-)
7ed5e3
7ed5e3
diff --git a/v2v/nbdkit_sources.ml b/v2v/nbdkit_sources.ml
7ed5e3
index 47832011..f5e91911 100644
7ed5e3
--- a/v2v/nbdkit_sources.ml
7ed5e3
+++ b/v2v/nbdkit_sources.ml
7ed5e3
@@ -142,7 +142,26 @@ let common_create ?bandwidth ?extra_debug ?extra_env password
7ed5e3
     match password with
7ed5e3
     | NoPassword -> cmd
7ed5e3
     | AskForPassword ->
7ed5e3
-       Nbdkit.add_arg cmd "password" "-"
7ed5e3
+       (* Because we will start nbdkit in the background and then wait
7ed5e3
+        * for 30 seconds for it to start up, we cannot use the
7ed5e3
+        * password=- feature of nbdkit to read the password
7ed5e3
+        * interactively (since in the words of the movie the user has
7ed5e3
+        * only "30 seconds to comply").  In any case this feature broke
7ed5e3
+        * in the VDDK plugin in nbdkit 1.18 and 1.20.  So in the
7ed5e3
+        * AskForPassword case we read the password here.
7ed5e3
+        *)
7ed5e3
+       printf "password: ";
7ed5e3
+       let open Unix in
7ed5e3
+       let orig = tcgetattr stdin in
7ed5e3
+       let tios = { orig with c_echo = false } in
7ed5e3
+       tcsetattr stdin TCSAFLUSH tios; (* Disable echo. *)
7ed5e3
+       let password = read_line () in
7ed5e3
+       tcsetattr stdin TCSAFLUSH orig; (* Restore echo. *)
7ed5e3
+       printf "\n";
7ed5e3
+       let password_file = Filename.temp_file "v2vnbdkit" ".txt" in
7ed5e3
+       unlink_on_exit password_file;
7ed5e3
+       with_open_out password_file (fun chan -> output_string chan password);
7ed5e3
+       Nbdkit.add_arg cmd "password" ("+" ^ password_file)
7ed5e3
     | PasswordFile password_file ->
7ed5e3
        Nbdkit.add_arg cmd "password" ("+" ^ password_file) in
7ed5e3
 
7ed5e3
-- 
e21fe6
2.31.1
7ed5e3