[bitbake-devel] [PATCH] fetch2/wget: add Basic Auth from netrc to checkstatus()
Mark Hatle
mark.hatle at windriver.com
Fri Dec 16 16:59:53 UTC 2016
There was a recent change to wget that allows it to do an 'ASKPASS' when it
needs credentials.
This is how we handle that at Wind River. We define a WGET_ASKPASS program that
knows how to answer the credential questions [or prompt the user outside of the
build system, i.e. via gnome].
(Passing anything on the command line, or even via .netrc is really dangerous.
The command line due to 'ps' leakage on a multi-user system, and .netrc as the
credentials are stored in plain text.)
Anyway, something to consider.
--Mark
On 12/16/16 3:32 AM, Matthew McClintock wrote:
> fetch2/wget uses urllib to check the status of the mirrors, wget will
> use netrc to pass login and password information however checkstatus
> will skip that.
>
> This adds netrc login and password to checkstatus so both will work the
> same.
>
> Signed-off-by: Matthew McClintock <msm-oss at mcclintock.net>
> ---
> lib/bb/fetch2/wget.py | 16 ++++++++++++++--
> 1 file changed, 14 insertions(+), 2 deletions(-)
>
> diff --git a/lib/bb/fetch2/wget.py b/lib/bb/fetch2/wget.py
> index 6dfb27b..88349c9 100644
> --- a/lib/bb/fetch2/wget.py
> +++ b/lib/bb/fetch2/wget.py
> @@ -305,12 +305,24 @@ class Wget(FetchMethod):
> r = urllib.request.Request(uri)
> r.get_method = lambda: "HEAD"
>
> - if ud.user:
> + def add_basic_auth(login_str, request):
> + '''Adds Basic auth to http request, pass in login:password as string'''
> import base64
> - encodeuser = base64.b64encode(ud.user.encode('utf-8')).decode("utf-8")
> + encodeuser = base64.b64encode(login_str.encode('utf-8')).decode("utf-8")
> authheader = "Basic %s" % encodeuser
> r.add_header("Authorization", authheader)
>
> + if ud.user:
> + add_basic_auth(ud.user, r)
> +
> + try:
> + import netrc, urllib.parse
> + n = netrc.netrc()
> + login, unused, password = n.authenticators(urllib.parse.urlparse(uri).hostname)
> + add_basic_auth("%s:%s" % (login, password), r)
> + except (ImportError, IOError, netrc.NetrcParseError):
> + pass
> +
> opener.open(r)
> except urllib.error.URLError as e:
> if try_again:
>
More information about the bitbake-devel
mailing list