Browse Source
added support for N2N_PASSWORD environment variable (#818 )
pull/819/head
Logan oos Even
3 years ago
committed by
GitHub
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with
19 additions and
5 deletions
doc/Authentication.md
edge.8
src/edge.c
src/edge_utils.c
@ -87,7 +87,7 @@ Considering all this, our example expands to
[user@host n2n]$ sudo ./edge -l < supernode:port > -c netleo -I logan -J 007 -A5 -k mySecretKey -P opIyaWhWjKLJSNOHNpKnGmelhHWRqkmY5pAx7lbDHp4
```
You might want to consider the use of [`.conf` files ](https://github.com/ntop/n2n/blob/dev/doc/ConfigurationFiles.md ) to accomodate all the command line parameters more easily.
You might want to consider the use of [`.conf` files ](https://github.com/ntop/n2n/blob/dev/doc/ConfigurationFiles.md ) to accomodate all the command line parameters more easily. Alternatively, the `N2N_PASSWORD` environment variable can be used to set the password without having it show up as part of the command line.
#### How Does It Work?
@ -137,7 +137,7 @@ annotate the edge's description used for easier
identification in management port output or username
.TP
\fB \- J \fR <\fI password\fR >
password for user-password edge authentication
password for user-password edge authentication (see also N2N_PASSWORD in ENVIRONMENT)
.TP
\fB \- P \fR <\fI public key\fR >
federation public key for user-password authentication
@ -203,10 +203,13 @@ shows detailed parameter description
.SH ENVIRONMENT
.TP
.B N2N_KEY
set the encryption key so it is not visible on the command line
set the encryption key so it is not visible at the command line
.TP
.B N2N_COMMUNITY
set the community name so it is not visible on the command line
set the community name so it is not visible at the command line
.TP
.B N2N_PASSWORD
set the password for user-password authentication so it is not visible at the command line
.SH EXAMPLES
.TP
.B edge \- d n2n0 \- c mynetwork \- k encryptme \- u 99 \- g 99 \- m DE:AD:BE:EF:01:23 \- a 192 .168.254.7 \- p 50001 \- l 123 .121.120.119:7654
@ -215,6 +215,9 @@ static void help (int level) {
" N2N_KEY instead of [-k <key>] "
" \n variables "
" N2N_COMMUNITY instead of -c <community> "
" \n "
" N2N_PASSWORD instead of [-J <password>] "
" \n "
" \n meaning of the "
@ -328,6 +331,8 @@ static void help (int level) {
printf ( " --------------------- \n \n " ) ;
printf ( " N2N_KEY | encryption key (ASCII), not with '-k ...' \n " ) ;
printf ( " N2N_COMMUNITY | community name (ASCII), overwritten by '-c ...' \n " ) ;
printf ( " N2N_PASSWORD | password (ASCII) for user-password authentication, \n "
" | overwritten by '-J ...' \n " ) ;
# ifdef WIN32
printf ( " \n " ) ;
printf ( " AVAILABLE TAP ADAPTERS \n " ) ;
@ -561,6 +566,7 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
}
case ' J ' : /* password for user-password authentication */ {
if ( ! conf - > shared_secret ) /* we could already have it from environment variable, see edge_init_conf_defaults() */
conf - > shared_secret = calloc ( 1 , sizeof ( n2n_private_public_key_t ) ) ;
if ( conf - > shared_secret )
generate_private_key ( * ( conf - > shared_secret ) , optargument ) ;
@ -3684,6 +3684,11 @@ void edge_init_conf_defaults (n2n_edge_conf_t *conf) {
strncpy ( ( char * ) conf - > community_name , getenv ( " N2N_COMMUNITY " ) , N2N_COMMUNITY_SIZE ) ;
conf - > community_name [ N2N_COMMUNITY_SIZE - 1 ] = ' \0 ' ;
}
if ( getenv ( " N2N_PASSWORD " ) ) {
conf - > shared_secret = calloc ( 1 , sizeof ( n2n_private_public_key_t ) ) ;
if ( conf - > shared_secret )
generate_private_key ( * ( conf - > shared_secret ) , getenv ( " N2N_PASSWORD " ) ) ;
}
conf - > metric = 0 ;
}