Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RFE] ~/.netrc support #9

Open
gandrille opened this issue Feb 21, 2016 · 6 comments
Open

[RFE] ~/.netrc support #9

gandrille opened this issue Feb 21, 2016 · 6 comments

Comments

@gandrille
Copy link

For authentication, would it be possible to add ~/.netrc support for providing credentials? This feature is used a lot by FTP command line tools.
PS: thanks so much davix (I use it for WebDAV access)!
@gandrille
Copy link
Author

For the command line tools, of course.

@gbitzes
Copy link
Contributor

gbitzes commented Feb 22, 2016

Hi,

I had a look at .netrc, it seems you can only specify a username and password in there. It would not be appropriate for davix, as it supports more authentication methods apart from simple username/password: x509 certificates, S3, Azure..

I think I will add ~/.davixrc, similar to .netrc in syntax but with support for the additional authentication methods. What do you think?

@adevress
Copy link
Contributor

Hi georgios,

If my opinion matter, It would be awesome to have both I think. netrc for compat and something like davixrc for exotic auth method.

Nowadays, a lot of service can now generate temporary service password which are safe to store in ~/.netrc.
I dont like clear text password more than you ~/.netrc is supported by almost all network tools including curl, wget, git and cadaver, that would be nice is davix support it too. :)

Cheers,
Adrien

@gbitzes
Copy link
Contributor

gbitzes commented Feb 22, 2016

Sure, we could first check ~/.davixrc, and if no hosts in there match, then check ~/.netrc. Since the file format will be the same in both, no need to write two different parsers.

Some people have started using gpg-encrypted .netrc files.. :-)

@gandrille
Copy link
Author

Hi All,
I fully agree with all of your comments.
Thanks a lot for listening to rfe!
Kind regards,
Etienne

gbitzes added a commit that referenced this issue Apr 1, 2016
@gbitzes
DMC-816 #9 Implement .davixrc/.netrc parsing
c7c81e1
@gbitzes
Copy link
Contributor

gbitzes commented Apr 1, 2016

Hi,

The feature has been implemented and can be found in the devel branch. Please test, and try to break my terrible parser. :) Let me know especially in case it misbehaves with existing .netrc files. It always gives priority to .davixrc over .netrc.

  • It supports quoting of parameters, for example this will work: password "evil password with spaces"
  • You can escape quotes inside quotes, for example: password "super evil password with " quote"
  • Single quotes as well as double quotes are suppoted, you only need to escape the type of quote you're using, like in python. "valid' ", ' examples' ', 'of"', "quoted strings""
  • You can specify machine-specific as well as path-specific options, like git's implementation of netrc does. Example: settings under "machine host path /atlas" will apply only if your url's path starts with "/atlas". So you could specify per-VO certificates.
  • It understands the following directives: machine, default, path, login, password, cert, key, capath, s3accesskey, s3secretkey, s3region, s3alternate, s3token, azurekey. Did I forget anything?
  • macdef blocks are ignored.

Even though I usually prefer strict error checking, in this case any directives not understood are deliberately ignored, to minimize the risk of creating incompatibilities with other tools using their own custom directives.

Cheers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gandrille @adevress @gbitzes