lncli: allow unlock with password from stdin

This commit is contained in:
Oliver Gugger 2020-03-10 14:19:42 +01:00
parent 3dda93e30d
commit ed8924c6c5
No known key found for this signature in database
GPG Key ID: 8E4256593F177720

@ -1767,6 +1767,16 @@ var unlockCommand = cli.Command{
"maximum number of consecutive, unused " + "maximum number of consecutive, unused " +
"addresses ever generated by the wallet.", "addresses ever generated by the wallet.",
}, },
cli.BoolFlag{
Name: "stdin",
Usage: "read password from standard input instead of " +
"prompting for it. THIS IS CONSIDERED TO " +
"BE DANGEROUS if the password is located in " +
"a file that can be read by another user. " +
"This flag should only be used in " +
"combination with some sort of password " +
"manager or secrets vault.",
},
}, },
Action: actionDecorator(unlock), Action: actionDecorator(unlock),
} }
@ -1776,12 +1786,33 @@ func unlock(ctx *cli.Context) error {
client, cleanUp := getWalletUnlockerClient(ctx) client, cleanUp := getWalletUnlockerClient(ctx)
defer cleanUp() defer cleanUp()
fmt.Printf("Input wallet password: ") var (
pw, err := terminal.ReadPassword(int(syscall.Stdin)) pw []byte
err error
)
switch {
// Read the password from standard in as if it were a file. This should
// only be used if the password is piped into lncli from some sort of
// password manager. If the user types the password instead, it will be
// echoed in the console.
case ctx.IsSet("stdin"):
reader := bufio.NewReader(os.Stdin)
pw, err = reader.ReadBytes('\n')
// Remove carriage return and newline characters.
pw = bytes.Trim(pw, "\r\n")
// Read the password from a terminal by default. This requires the
// terminal to be a real tty and will fail if a string is piped into
// lncli.
default:
fmt.Printf("Input wallet password: ")
pw, err = terminal.ReadPassword(syscall.Stdin)
fmt.Println()
}
if err != nil { if err != nil {
return err return err
} }
fmt.Println()
args := ctx.Args() args := ctx.Args()