mirror of
https://github.com/sigp/lighthouse.git
synced 2026-03-03 00:31:50 +00:00
Validator import password flag (#2228)
## Issue Addressed #2224 ## Proposed Changes Add a `--password-file` option to the `lighthouse account validator import` command. The flag requires `--reuse-password` and will copy the password over to the `validator_definitions.yml` file. I used #2070 as a guide for validating the password as UTF-8 and stripping newlines. ## Additional Info Co-authored-by: realbigsean <seananderson33@gmail.com>
This commit is contained in:
realbigsean
@@ -1,4 +1,4 @@
|
||||
use crate::wallet::create::STDIN_INPUTS_FLAG;
|
||||
use crate::wallet::create::{PASSWORD_FLAG, STDIN_INPUTS_FLAG};
|
||||
use account_utils::{
|
||||
eth2_keystore::Keystore,
|
||||
read_password_from_user,
|
||||
@@ -65,6 +65,19 @@ pub fn cli_app<'a, 'b>() -> App<'a, 'b> {
|
||||
.long(REUSE_PASSWORD_FLAG)
|
||||
.help("If present, the same password will be used for all imported keystores."),
|
||||
)
|
||||
.arg(
|
||||
Arg::with_name(PASSWORD_FLAG)
|
||||
.long(PASSWORD_FLAG)
|
||||
.value_name("KEYSTORE_PASSWORD_PATH")
|
||||
.requires(REUSE_PASSWORD_FLAG)
|
||||
.help(
|
||||
"The path to the file containing the password which will unlock all \
|
||||
keystores being imported. This flag must be used with `--reuse-password`. \
|
||||
The password will be copied to the `validator_definitions.yml` file, so after \
|
||||
import we strongly recommend you delete the file at KEYSTORE_PASSWORD_PATH.",
|
||||
)
|
||||
.takes_value(true),
|
||||
)
|
||||
}
|
||||
|
||||
pub fn cli_run(matches: &ArgMatches, validator_dir: PathBuf) -> Result<(), String> {
|
||||
@@ -72,6 +85,8 @@ pub fn cli_run(matches: &ArgMatches, validator_dir: PathBuf) -> Result<(), Strin
|
||||
let keystores_dir: Option<PathBuf> = clap_utils::parse_optional(matches, DIR_FLAG)?;
|
||||
let stdin_inputs = matches.is_present(STDIN_INPUTS_FLAG);
|
||||
let reuse_password = matches.is_present(REUSE_PASSWORD_FLAG);
|
||||
let keystore_password_path: Option<PathBuf> =
|
||||
clap_utils::parse_optional(matches, PASSWORD_FLAG)?;
|
||||
|
||||
let mut defs = ValidatorDefinitions::open_or_create(&validator_dir)
|
||||
.map_err(|e| format!("Unable to open {}: {:?}", CONFIG_FILENAME, e))?;
|
||||
@@ -131,6 +146,7 @@ pub fn cli_run(matches: &ArgMatches, validator_dir: PathBuf) -> Result<(), Strin
|
||||
// Reuses the same password for all keystores if the `REUSE_PASSWORD_FLAG` flag is set.
|
||||
let mut num_imported_keystores = 0;
|
||||
let mut previous_password: Option<ZeroizeString> = None;
|
||||
|
||||
for src_keystore in &keystore_paths {
|
||||
let keystore = Keystore::from_json_file(src_keystore)
|
||||
.map_err(|e| format!("Unable to read keystore JSON {:?}: {:?}", src_keystore, e))?;
|
||||
@@ -155,13 +171,23 @@ pub fn cli_run(matches: &ArgMatches, validator_dir: PathBuf) -> Result<(), Strin
|
||||
eprintln!();
|
||||
eprintln!("{}", PASSWORD_PROMPT);
|
||||
|
||||
let password = read_password_from_user(stdin_inputs)?;
|
||||
|
||||
if password.as_ref().is_empty() {
|
||||
eprintln!("Continuing without password.");
|
||||
sleep(Duration::from_secs(1)); // Provides nicer UX.
|
||||
break None;
|
||||
}
|
||||
let password = match keystore_password_path.as_ref() {
|
||||
Some(path) => {
|
||||
let password_from_file: ZeroizeString = fs::read_to_string(&path)
|
||||
.map_err(|e| format!("Unable to read {:?}: {:?}", path, e))?
|
||||
.into();
|
||||
password_from_file.without_newlines()
|
||||
}
|
||||
None => {
|
||||
let password_from_user = read_password_from_user(stdin_inputs)?;
|
||||
if password_from_user.as_ref().is_empty() {
|
||||
eprintln!("Continuing without password.");
|
||||
sleep(Duration::from_secs(1)); // Provides nicer UX.
|
||||
break None;
|
||||
}
|
||||
password_from_user
|
||||
}
|
||||
};
|
||||
|
||||
match keystore.decrypt_keypair(password.as_ref()) {
|
||||
Ok(_) => {
|
||||
|
||||
Reference in New Issue
Block a user