Store passwords in file

Other users can see the full command lines of the launched programs
so passwords will be compromised on a multi-user system

diff --git a/gocheese.go b/gocheese.go
index 0942d3f133d5b3db9536bc21edd1b91773e775c6..8188671af5bf5c18f80689039083738ac9a7afea 100644 (file)
--- a/gocheese.go
+++ b/gocheese.go
@@ -63,7 +63,7 @@ var (
        norefreshURLPath = flag.String("norefresh", "/norefresh/", "Non-refreshing URL path")
        refreshURLPath   = flag.String("refresh", "/simple/", "Auto-refreshing URL path")
        pypiURL          = flag.String("pypi", "https://pypi.org/simple/", "Upstream PyPI URL")
-       auth             = flag.String("auth", "spam:foo", "login:password,...")
+       auth             = flag.String("auth", "passwd", "Path to file with login:passwd")
        fsck             = flag.Bool("fsck", false, "Check integrity of all packages")
        version          = flag.Bool("version", false, "Print version information")
        warranty         = flag.Bool("warranty", false, "Print warranty information")
@@ -425,7 +425,11 @@ func main() {
                }
                return
        }
-       for _, credentials := range strings.Split(*auth, ",") {
+       auth, err := ioutil.ReadFile(*auth)
+       if err != nil {
+               log.Fatal(err)
+       }
+       for _, credentials := range strings.Split(strings.TrimRight(string(auth), "\n"), "\n") {
                splitted := strings.Split(credentials, ":")
                if len(splitted) != 2 {
                        log.Fatal("Wrong auth format")