enoch/n2n
1
0
Fork 0
mirror of https://github.com/ntop/n2n.git synced 2024-09-20 00:51:10 +02:00
Code Issues Actions Packages Projects Releases 1 Wiki Activity

added support for N2N_PASSWORD environment variable (#818)

Browse Source
This commit is contained in:
Logan oos Even 2021-09-25 16:01:11 +05:45 committed by GitHub
parent 09fdfb0424
commit dfe15ad95d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 19 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/Authentication.md
View File

@ -87,7 +87,7 @@ Considering all this, our example expands to
[user@host n2n]$ sudo ./edge -l <supernode:port> -c netleo -I logan -J 007 -A5 -k mySecretKey -P opIyaWhWjKLJSNOHNpKnGmelhHWRqkmY5pAx7lbDHp4 [user@host n2n]$ sudo ./edge -l <supernode:port> -c netleo -I logan -J 007 -A5 -k mySecretKey -P opIyaWhWjKLJSNOHNpKnGmelhHWRqkmY5pAx7lbDHp4
``` ```
You might want to consider the use of [`.conf` files](https://github.com/ntop/n2n/blob/dev/doc/ConfigurationFiles.md) to accomodate all the command line parameters more easily. You might want to consider the use of [`.conf` files](https://github.com/ntop/n2n/blob/dev/doc/ConfigurationFiles.md) to accomodate all the command line parameters more easily. Alternatively, the `N2N_PASSWORD` environment variable can be used to set the password without having it show up as part of the command line.
#### How Does It Work? #### How Does It Work?

9
edge.8
View File

@ -137,7 +137,7 @@ annotate the edge's description used for easier
identification in management port output or username identification in management port output or username
.TP .TP
\fB\-J \fR<\fIpassword\fR> \fB\-J \fR<\fIpassword\fR>
password for user-password edge authentication password for user-password edge authentication (see also N2N_PASSWORD in ENVIRONMENT)
.TP .TP
\fB\-P \fR<\fIpublic key\fR> \fB\-P \fR<\fIpublic key\fR>
federation public key for user-password authentication federation public key for user-password authentication
@ -203,10 +203,13 @@ shows detailed parameter description
.SH ENVIRONMENT .SH ENVIRONMENT
.TP .TP
.B N2N_KEY .B N2N_KEY
set the encryption key so it is not visible on the command line set the encryption key so it is not visible at the command line
.TP .TP
.B N2N_COMMUNITY .B N2N_COMMUNITY
set the community name so it is not visible on the command line set the community name so it is not visible at the command line
.TP
.B N2N_PASSWORD
set the password for user-password authentication so it is not visible at the command line
.SH EXAMPLES .SH EXAMPLES
.TP .TP
.B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-p 50001 \-l 123.121.120.119:7654 .B edge \-d n2n0 \-c mynetwork \-k encryptme \-u 99 \-g 99 \-m DE:AD:BE:EF:01:23 \-a 192.168.254.7 \-p 50001 \-l 123.121.120.119:7654

8
src/edge.c
View File

@ -215,6 +215,9 @@ static void help (int level) {
"N2N_KEY instead of [-k <key>]" "N2N_KEY instead of [-k <key>]"
"\n variables " "\n variables "
"N2N_COMMUNITY instead of -c <community>" "N2N_COMMUNITY instead of -c <community>"
"\n "
"N2N_PASSWORD instead of [-J <password>]"
"\n " "\n "
"\n meaning of the " "\n meaning of the "
@ -328,6 +331,8 @@ static void help (int level) {
printf (" ---------------------\n\n"); printf (" ---------------------\n\n");
printf(" N2N_KEY | encryption key (ASCII), not with '-k ...'\n"); printf(" N2N_KEY | encryption key (ASCII), not with '-k ...'\n");
printf(" N2N_COMMUNITY | community name (ASCII), overwritten by '-c ...'\n"); printf(" N2N_COMMUNITY | community name (ASCII), overwritten by '-c ...'\n");
printf(" N2N_PASSWORD | password (ASCII) for user-password authentication,\n"
" | overwritten by '-J ...'\n");
#ifdef WIN32 #ifdef WIN32
printf ("\n"); printf ("\n");
printf (" AVAILABLE TAP ADAPTERS\n"); printf (" AVAILABLE TAP ADAPTERS\n");
@ -561,7 +566,8 @@ static int setOption (int optkey, char *optargument, n2n_tuntap_priv_config_t *e
} }
case 'J': /* password for user-password authentication */ { case 'J': /* password for user-password authentication */ {
conf->shared_secret = calloc(1, sizeof(n2n_private_public_key_t)); if(!conf->shared_secret) /* we could already have it from environment variable, see edge_init_conf_defaults() */
conf->shared_secret = calloc(1, sizeof(n2n_private_public_key_t));
if(conf->shared_secret) if(conf->shared_secret)
generate_private_key(*(conf->shared_secret), optargument); generate_private_key(*(conf->shared_secret), optargument);

5
src/edge_utils.c
View File

@ -3684,6 +3684,11 @@ void edge_init_conf_defaults (n2n_edge_conf_t *conf) {
strncpy((char*)conf->community_name, getenv("N2N_COMMUNITY"), N2N_COMMUNITY_SIZE); strncpy((char*)conf->community_name, getenv("N2N_COMMUNITY"), N2N_COMMUNITY_SIZE);
conf->community_name[N2N_COMMUNITY_SIZE - 1] = '\0'; conf->community_name[N2N_COMMUNITY_SIZE - 1] = '\0';
} }
if(getenv("N2N_PASSWORD")) {
conf->shared_secret = calloc(1, sizeof(n2n_private_public_key_t));
if(conf->shared_secret)
generate_private_key(*(conf->shared_secret), getenv("N2N_PASSWORD"));
}
conf->metric = 0; conf->metric = 0;
} }