Hello, I often use svn_load_dirs.pl in a script to load several huge third party libraries into our SVN repo. This repository uses LDAP authentication with https and I do not want my password popping up at times on the console executing the script (for several hours).
Hence my second patch, that hides the password printed to screen with stars (*). It does that by passing the array of arguments containing the password to a function sanitize_pwd before printing it. This function searches for '--password' and hides the following word. I digress a bit, but my scripts using svn_load_dirs.pl (themselves in a SVN repo) ask for username/password so that they do not expose sensitive information. Password is prompted either with `read -s` for the bash script, or with this SO answer for the batch version: http://stackoverflow.com/a/20343074/3628160 Please find my patch below. Besides defining sanitize_pwd and changing the print call sites the attached version of the patch also replaces the few tabs in source by spaces (as I realized gmail edits the tabs I omitted this part from the version below, which apart from that fulfils its duty). Best regards, Geoffrey --- contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in +++ contrib/client-side/svn_load_dirs/svn_load_dirs.pl.in @@ -1499,6 +1499,18 @@ sub file_info return '?'; } +# Copy arguments and replace what follows --password with '*'s. +sub sanitize_pwd +{ + my @str = @_ ; + my $hide_next = 0 ; + foreach(@str) { + $_ = '*' x length if ( $hide_next ) ; + $hide_next = ($_ eq '--password') ; + } + @str +} + # Start a child process safely without using /bin/sh. sub safe_read_from_pipe { @@ -1510,7 +1522,7 @@ sub safe_read_from_pipe my $openfork_available = "MSWin32" ne $OSNAME; if ($openfork_available) { - print "Running @_\n"; + print join(' ', &sanitize_pwd("Running", @_, "\n") ); my $pid = open(SAFE_READ, "-|"); unless (defined $pid) { @@ -1522,7 +1534,9 @@ sub safe_read_from_pipe open(STDERR, ">&STDOUT") or die "$0: cannot dup STDOUT: $!\n"; exec(@_) - or die "$0: cannot exec '@_': $!\n"; + or die "$0: cannot exec '" + . join(' ', &sanitize_pwd(@_) ) + . "': $!\n"; } } else 
@@ -1559,7 +1573,7 @@ sub safe_read_from_pipe } } - print "Running @commandline\n"; + print join(' ', &sanitize_pwd("Running", @commandline, "\n") ); if ( $comment ) { print $comment; } # Now do the pipe. @@ -1581,7 +1595,9 @@ sub safe_read_from_pipe my $cd = $result & 128 ? "with core dump" : ""; if ($signal or $cd) { - warn "$0: pipe from '@_' failed $cd: exit=$exit signal=$signal\n"; + warn "$0: pipe from '" + . join(' ', &sanitize_pwd(@_) ) + . "' failed $cd: exit=$exit signal=$signal\n"; } if (wantarray) { @@ -1604,8 +1620,9 @@ sub read_from_process my ($status, @output) = &safe_read_from_pipe(@_); if ($status) { - print STDERR "$0: @_ failed with this output:\n", join("\n", @output), - "\n"; + print STDERR + join(' ', &sanitize_pwd("$0:", @_, "failed with this output:\n") ), + join("\n", @output), "\n"; unless ($opt_no_user_input) { print STDERR
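Review bot: in the new sanitize_pwd (hunk @@ -1499,6 +1499,18 @@), `$_ = '*' x length` writes one star per character, so the printed command still discloses the length of the password; a fixed-width mask such as `$_ = '********' if ( $hide_next ) ;` avoids that. The test `$_ eq '--password'` also matches the option only when it is a list element of its own, so an element of the form `--password=value` would be printed unmasked; if any caller can pass that form, match it with a pattern and mask the part after the `=`. An explicit `return @str;` would make the last line of the sub clearer.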
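Review bot: in the two "Running" hunks (@@ -1510,7 +1522,7 @@ and @@ -1559,7 +1573,7 @@), passing "\n" as its own element to `join(' ', ...)` puts a space in front of the newline, so the output differs from the old `print "Running @_\n"` in more than the masking. Keeping the literals outside the join, for example `print "Running ", join(' ', sanitize_pwd(@_)), "\n";`, restores the old layout and keeps "Running" and the newline out of the list that is scanned for `--password`.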
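Review bot: in the exec hunk (@@ -1522,7 +1534,9 @@), only the die message is sanitized while `exec(@_)` still receives the cleartext password as an argument, so on most systems it stays visible in the process list to other local users for as long as the child runs. That is outside what this patch sets out to fix, but it deserves a sentence in the commit message or the script's documentation so that the masking is not read as full protection of the password.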
Attachment: svn_load_dirs.pl-secfeat-hidepwd.patch