Call GetPassphraseFromSource only once

When GetPassphraseFromSource is used with stdin, it exhausts the stdin
so a second call to it returns an empty string.
pull/1100/head
Eugene Kim 5 years ago
parent 276bc2582b
commit 2db6d7dd02
  1. 56
      cmd/harmony/main.go
  2. 6
      internal/utils/passphrase.go

@ -102,6 +102,7 @@ var (
enableGC = flag.Bool("enableGC", true, "Enable calling garbage collector manually .") enableGC = flag.Bool("enableGC", true, "Enable calling garbage collector manually .")
blsKeyFile = flag.String("blskey_file", "", "The encrypted file of bls serialized private key by passphrase.") blsKeyFile = flag.String("blskey_file", "", "The encrypted file of bls serialized private key by passphrase.")
blsPass = flag.String("blspass", "", "The file containing passphrase to decrypt the encrypted bls file.") blsPass = flag.String("blspass", "", "The file containing passphrase to decrypt the encrypted bls file.")
blsPassphrase string
// logConn logs incoming/outgoing connections // logConn logs incoming/outgoing connections
logConn = flag.Bool("log_conn", false, "log incoming/outgoing connections") logConn = flag.Bool("log_conn", false, "log incoming/outgoing connections")
@ -182,35 +183,24 @@ func initSetup() {
} }
func setUpConsensusKeyAndReturnIndex(nodeConfig *nodeconfig.ConfigType) (int, *genesis.DeployAccount) { func setUpConsensusKeyAndReturnIndex(nodeConfig *nodeconfig.ConfigType) (int, *genesis.DeployAccount) {
// If FN node running, they should either specify blsPrivateKey or the file with passphrase consensusPriKey, err := blsgen.LoadBlsKeyWithPassPhrase(*blsKeyFile, blsPassphrase)
if *blsKeyFile != "" && *blsPass != "" { if err != nil {
passPhrase, err := utils.GetPassphraseFromSource(*blsPass) fmt.Printf("error when loading bls key, err :%v\n", err)
if err != nil { os.Exit(100)
fmt.Printf("error when reading passphrase file: %v\n", err) }
os.Exit(100) index, acc := genesis.IsBlsPublicKeyIndex(consensusPriKey.GetPublicKey().SerializeToHexStr())
} if index < 0 {
consensusPriKey, err := blsgen.LoadBlsKeyWithPassPhrase(*blsKeyFile, passPhrase) fmt.Println("Can not found your bls key.")
if err != nil { os.Exit(100)
fmt.Printf("error when loading bls key, err :%v\n", err) }
os.Exit(100)
}
index, acc := genesis.IsBlsPublicKeyIndex(consensusPriKey.GetPublicKey().SerializeToHexStr())
if index < 0 {
fmt.Println("Can not found your bls key.")
os.Exit(100)
}
// Consensus keys are the BLS12-381 keys used to sign consensus messages // Consensus keys are the BLS12-381 keys used to sign consensus messages
nodeConfig.ConsensusPriKey, nodeConfig.ConsensusPubKey = consensusPriKey, consensusPriKey.GetPublicKey() nodeConfig.ConsensusPriKey, nodeConfig.ConsensusPubKey = consensusPriKey, consensusPriKey.GetPublicKey()
if nodeConfig.ConsensusPriKey == nil || nodeConfig.ConsensusPubKey == nil { if nodeConfig.ConsensusPriKey == nil || nodeConfig.ConsensusPubKey == nil {
fmt.Println("error to get consensus keys.") fmt.Println("error to get consensus keys.")
os.Exit(100) os.Exit(100)
}
return index, acc
} }
fmt.Println("Internal nodes need to have pass to decrypt blskey") return index, acc
os.Exit(101)
return -1, nil
} }
func createGlobalConfig() *nodeconfig.ConfigType { func createGlobalConfig() *nodeconfig.ConfigType {
@ -393,6 +383,18 @@ func main() {
flag.Var(&utils.BootNodes, "bootnodes", "a list of bootnode multiaddress (delimited by ,)") flag.Var(&utils.BootNodes, "bootnodes", "a list of bootnode multiaddress (delimited by ,)")
flag.Parse() flag.Parse()
// If FN node running, they should either specify blsPrivateKey or the file with passphrase
if *blsKeyFile == "" || *blsPass == "" {
fmt.Println("Internal nodes need to have pass to decrypt blskey")
os.Exit(101)
}
passphrase, err := utils.GetPassphraseFromSource(*blsPass)
if err != nil {
fmt.Printf("error when reading passphrase file: %v\n", err)
os.Exit(100)
}
blsPassphrase = passphrase
// Configure log parameters // Configure log parameters
utils.SetLogContext(*port, *ip) utils.SetLogContext(*port, *ip)
utils.SetLogVerbosity(log.Lvl(*verbosity)) utils.SetLogVerbosity(log.Lvl(*verbosity))
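Review bot: The passphrase read in main() is stored in the package-level `blsPassphrase` string, so the key-decryption secret stays reachable for the whole life of the process, although the visible code uses it only once, in setUpConsensusKeyAndReturnIndex. Keeping it local and passing it down, e.g. `func setUpConsensusKeyAndReturnIndex(nodeConfig *nodeconfig.ConfigType, passphrase string)`, would limit its scope. If the global has to stay, setting `blsPassphrase = ""` right after LoadBlsKeyWithPassPhrase returns at least drops the reference, though a Go string cannot be wiped in place. The call site of setUpConsensusKeyAndReturnIndex and the rest of main() lie outside the hunks shown, so whether anything else reads the variable cannot be confirmed from here.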

@ -37,6 +37,12 @@ func readAllAsString(r io.Reader) (data string, err error) {
// //
// The source can be "pass:password", "env:var", "file:pathname", "fd:number", // The source can be "pass:password", "env:var", "file:pathname", "fd:number",
// or "stdin". See “PASS PHRASE ARGUMENTS” section of openssl(1) for details. // or "stdin". See “PASS PHRASE ARGUMENTS” section of openssl(1) for details.
//
// When "stdin" or "fd:" is used,
// the standard input or the given file descriptor is exhausted.
// Therefore, this function should be called at most once per program
// invocation; the second call, if any, may return an empty string if "stdin"
// or "fd" is used.
func GetPassphraseFromSource(src string) (pass string, err error) { func GetPassphraseFromSource(src string) (pass string, err error) {
switch src { switch src {
case "stdin": case "stdin":
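Review bot: The at-most-once rule added to the doc comment is not enforced by anything visible here. According to the commit message, a second read of stdin yields an empty string, so a caller that breaks the rule could go on to attempt decryption with an empty passphrase. The comment could spell out that failure mode, e.g. `// A repeated read yields ""; callers should treat an unexpected empty passphrase as a failure.`, assuming that matches the function body, which lies outside this hunk. The last added line should also say `"fd:"` rather than `"fd"`, to match the source syntax listed just above it.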
