read AWS secret key from stdin instead of command line

arqbackup · Feb 3, 2017 · 3bd7f24 · 3bd7f24
1 parent bda6923
commit 3bd7f24
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 9 deletions.
diff --git a/ArqRestoreCommand.m b/ArqRestoreCommand.m
@@ -139,7 +139,7 @@ - (BOOL)addTarget:(NSArray *)args error:(NSError **)error {
     NSString *oAuth2RedirectURI = nil;
 
     if ([targetType isEqualToString:@"aws"]) {
-        if ([args count] != 6) {
+        if ([args count] != 5) {
             SETNSERROR([self errorDomain], ERROR_USAGE, @"invalid arguments");
             return NO;
         }
@@ -149,7 +149,10 @@ - (BOOL)addTarget:(NSArray *)args error:(NSError **)error {
         NSString *urlString = [NSString stringWithFormat:@"https://%@@%@/any_bucket", accessKeyId, [[usEast1 s3EndpointWithSSL:NO] host]];
 
         endpoint = [NSURL URLWithString:urlString];
-        secret = [args objectAtIndex:5];
+        secret = [self readPasswordWithPrompt:@"enter AWS secret key:" error:error];
+        if (secret == nil) {
+            return NO;
+        }
 
     } else if ([targetType isEqualToString:@"local"]) {
         if ([args count] != 5) {
@@ -259,7 +262,7 @@ - (BOOL)listFolders:(NSArray *)args error:(NSError **)error {
     }
 
     NSString *theComputerUUID = [args objectAtIndex:3];
-    NSString *theEncryptionPassword = [self readEncryptionPassword:error];
+    NSString *theEncryptionPassword = [self readPasswordWithPrompt:@"enter encryption password:" error:error];
     if (theEncryptionPassword == nil) {
         return NO;
     }
@@ -301,7 +304,7 @@ - (BOOL)printPlist:(NSArray *)args error:(NSError **)error {
     NSString *theComputerUUID = [args objectAtIndex:3];
     NSString *theBucketUUID = [args objectAtIndex:4];
 
-    NSString *theEncryptionPassword = [self readEncryptionPassword:error];
+    NSString *theEncryptionPassword = [self readPasswordWithPrompt:@"enter encryption password:" error:error];
     if (theEncryptionPassword == nil) {
         return NO;
     }
@@ -353,7 +356,7 @@ - (BOOL)listTree:(NSArray *)args error:(NSError **)error {
     NSString *theComputerUUID = [args objectAtIndex:3];
     NSString *theBucketUUID = [args objectAtIndex:4];
 
-    NSString *theEncryptionPassword = [self readEncryptionPassword:error];
+    NSString *theEncryptionPassword = [self readPasswordWithPrompt:@"enter encryption password:" error:error];
     if (theEncryptionPassword == nil) {
         return NO;
     }
@@ -441,7 +444,7 @@ - (BOOL)restore:(NSArray *)args error:(NSError **)error {
     NSString *theComputerUUID = [args objectAtIndex:3];
     NSString *theBucketUUID = [args objectAtIndex:4];
 
-    NSString *theEncryptionPassword = [self readEncryptionPassword:error];
+    NSString *theEncryptionPassword = [self readPasswordWithPrompt:@"enter encryption password:" error:error];
     if (theEncryptionPassword == nil) {
         return NO;
     }
@@ -773,8 +776,8 @@ - (BOOL)glacierRestorerDidFail:(NSError *)error {
 
 
 #pragma mark internal
-- (NSString *)readEncryptionPassword:(NSError **)error {
-    printf("enter encryption password: ");
+- (NSString *)readPasswordWithPrompt:(NSString *)thePrompt error:(NSError **)error {
+    printf("%s ", [thePrompt UTF8String]);
     fflush(stdout);
 
     struct termios oldTermios;

diff --git a/arq_restore.m b/arq_restore.m
@@ -40,7 +40,7 @@
 static void printUsage(const char *exeName) {
 	fprintf(stderr, "Usage:\n");
     fprintf(stderr, "\t%s [-l loglevel] listtargets\n", exeName);
-    fprintf(stderr, "\t%s [-l loglevel] addtarget <nickname> aws <access_key> <secret_key> \n", exeName);
+    fprintf(stderr, "\t%s [-l loglevel] addtarget <nickname> aws <access_key>\n", exeName);
     fprintf(stderr, "\t%s [-l loglevel] addtarget <nickname> local <path>\n", exeName);
     fprintf(stderr, "\t%s [-l loglevel] deletetarget <nickname>\n", exeName);
     fprintf(stderr, "\n");