From 51aedd51be086e333744b020e867c0348833a083 Mon Sep 17 00:00:00 2001 From: Enrico Marconi <31142849+UMR1352@users.noreply.github.com> Date: Tue, 30 Apr 2024 16:16:36 +0200 Subject: [PATCH] Use STRONGHOLD_PWD_FILE env variable to pass stronghold's password (#1363) --- bindings/grpc/src/main.rs | 22 +++++++++++++++++++--- 1 file changed, 19 insertions(+), 3 deletions(-) diff --git a/bindings/grpc/src/main.rs b/bindings/grpc/src/main.rs index 4e6e3e11fa..04927b1c9c 100644 --- a/bindings/grpc/src/main.rs +++ b/bindings/grpc/src/main.rs @@ -1,6 +1,7 @@ // Copyright 2020-2024 IOTA Stiftung // SPDX-License-Identifier: Apache-2.0 +use anyhow::Context; use identity_grpc::server::GRpcServer; use identity_stronghold::StrongholdStorage; use iota_sdk::client::stronghold::StrongholdAdapter; @@ -29,11 +30,18 @@ async fn main() -> anyhow::Result<()> { #[tracing::instrument] fn init_stronghold() -> anyhow::Result { - let stronghold_password = std::env::var("STRONGHOLD_PWD")?; - let snapshot_path = std::env::var("SNAPSHOT_PATH")?; + use std::env; + use std::fs; + let stronghold_password = env::var("STRONGHOLD_PWD_FILE") + .context("Unset \"STRONGHOLD_PWD_FILE\" env variable") + .and_then(|path| fs::read_to_string(&path).context(format!("{path} does not exists"))) + .map(sanitize_pwd) + .or(env::var("STRONGHOLD_PWD")) + .context("No password for stronghold was provided")?; + let snapshot_path = env::var("SNAPSHOT_PATH")?; // Check for snapshot file at specified path - let metadata = std::fs::metadata(&snapshot_path)?; + let metadata = fs::metadata(&snapshot_path)?; if !metadata.is_file() { return Err(anyhow::anyhow!("No snapshot at provided path \"{}\"", &snapshot_path)); } @@ -45,3 +53,11 @@ fn init_stronghold() -> anyhow::Result { .map(StrongholdStorage::new)?, ) } + +/// Remove any trailing whitespace in-place. +fn sanitize_pwd(mut pwd: String) -> String { + let trimmed = pwd.trim_end(); + pwd.truncate(trimmed.len()); + pwd.shrink_to_fit(); + pwd +}