X Tutup
The Wayback Machine - https://web.archive.org/web/20201208023441/https://github.com/rclone/rclone/issues/4839
Skip to content

/ rclone

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent default credentials from being generated when using htpasswd #4839

Open
Addvilz opened this issue Dec 4, 2020 · 4 comments
Open

Prevent default credentials from being generated when using htpasswd #4839

Addvilz opened this issue Dec 4, 2020 · 4 comments
Labels
API / rc Web GUI enhancement good first issue

Comments

@Addvilz
Copy link

@Addvilz Addvilz commented Dec 4, 2020
edited

What is your current rclone version (output from rclone version)?

1.53.3

What problem are you are trying to solve?

Trying to prevent default password from being generated and added when htpasswd option is used. Since htpasswd is present, there generally should be no need for credentials besides those in htpasswd.

How do you think rclone should be changed to solve that?

There should either be flag or the default should be changed to when --rc-htpasswd is provided, default user/pass should not be generated and output to stdout.
@ncw
Copy link
Member

@ncw ncw commented Dec 6, 2020

Can you give an example command line which demonstrates the problem? Thanks
@Addvilz
Copy link
Author

@Addvilz Addvilz commented Dec 6, 2020

For example,
rclone rcd --rc-web-gui --rc-web-gui-no-open-browser --rc-addr :8443 --rc-htpasswd /etc/htpasswd --rc-cert XXX --rc-key XXX
@ncw
Copy link
Member

@ncw ncw commented Dec 7, 2020

Ah I see.

It is the --rc-web-gui flag which is generating the password.

$ rclone rcd --rc-web-gui --rc-web-gui-no-open-browser
2020/12/07 11:54:04 ERROR : Error reading tag file at /home/ncw/.cache/rclone/webgui/tag 
2020/12/07 11:54:04 NOTICE: A new release for gui (v2.0.3) is present at https://github.com/rclone/rclone-webui-react/releases/download/v2.0.3/currentbuild.zip
2020/12/07 11:54:04 NOTICE: Downloading webgui binary. Please wait. [Size: 4750769, Path :  /home/ncw/.cache/rclone/webgui/v2.0.3.zip]
2020/12/07 11:54:07 NOTICE: Unzipping webgui binary
2020/12/07 11:54:07 NOTICE: Serving Web GUI
2020/12/07 11:54:07 NOTICE: Serving remote control on http://127.0.0.1:5572/
2020/12/07 11:54:07 NOTICE: Web GUI is not automatically opening browser. Navigate to http://gui:vL2WUclJ89upzeYRdQihKg@127.0.0.1:5572/?login_token=Z3VpOnZMMldVY2xKODl1cHplWVJkUWloS2c%3D to use.

So what we want is to not generate the password if a htpassword file has been supplied.

This would be quite a simple change if you want to have a go

These lines need to be run only if opt.HTTPOptions.HtPasswd == ""

rclone/fs/rc/rcserver/rcserver.go

Lines 96 to 107 in 1efb8ea

if opt.HTTPOptions.BasicUser == "" {
opt.HTTPOptions.BasicUser = "gui"
fs.Infof(nil, "No username specified. Using default username: %s \n", rcflags.Opt.HTTPOptions.BasicUser)
}
if opt.HTTPOptions.BasicPass == "" {
randomPass, err := random.Password(128)
if err != nil {
log.Fatalf("Failed to make password: %v", err)
}
opt.HTTPOptions.BasicPass = randomPass
fs.Infof(nil, "No password specified. Using random password: %s \n", randomPass)
}

@ncw ncw added the good first issue label Dec 7, 2020
@Addvilz
Copy link
Author

@Addvilz Addvilz commented Dec 7, 2020

I suspect there might be also a change needed related to opening browser automatically, and printing the URL to CLI, last line of your log output. I suspect it will fail if randomPass is not set.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
API / rc Web GUI enhancement good first issue
Projects
None yet
Milestone
No milestone
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
@ncw @Addvilz @ivandeex
You can’t perform that action at this time.
X Tutup