-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow empty password #4698
Allow empty password #4698
Conversation
Subcommands `init` and `key add|passwd` now support the flag `--insecure-password` which disables the check for an empty password. `restic` warns about it, though. Support for `RESTIC_PASSWORD_FILE` and coresponding CLI option has been added as well. You may user either an empty file or just `/dev/null`. Basic support for Bash completion is there. But I am unsure if I got the semantic right. Haven't done something like this before. It lacks support for other shells. Internal the empty password is represented by an arbitrary, non-valid UTF-8 byte sequence (`0xff`) to allow to distinguish between not yet loaded and empty password. See https://stackoverflow.com/a/30741287. This is just a PoC, I haven't ever written a single Go line before.
Let's first discuss in #4326 what the expected behavior is before starting to implement it.
|
Yes,
Its not bad to have something to feel/show imho. |
Support to use an empty password if really desired Subcommands `init` and `key add|passwd` now support the flag `--allow-empty-password` which disables the check for an empty password. `restic` warns about it, though. Support for `RESTIC_PASSWORD_FILE` and coresponding CLI option has been added as well. You may user either an empty file or just `/dev/null`. Basic support for Bash completion is there. But I am unsure if I got the semantic right. Haven't done something like this before. It lacks support for other shells. Internal the empty password is represented by an arbitrary, non-valid UTF-8 byte sequence (`0xff`) to allow to distinguish between not yet loaded and empty password. See https://stackoverflow.com/a/30741287. This is just a PoC, I haven't ever written a single Go line before.
Since I already had a look into the code, I will do. I will kindly ask you to refine it afterwards, though: I have not written any Go expect this few lines. |
Sure, thanks for helping with this feature :-) |
Replaced by #4808 |
What does this PR change? What problem does it solve?
It adds basic support for empty passwords and may be a solution for #4326.
This is just a PoC, I haven't ever written a single Go line before.
Subcommands
init
andkey add|passwd
now support the flag--insecure-password
which disables the check for an empty password.restic
warns about it, though.Support for
RESTIC_PASSWORD_FILE
and coresponding CLI option has been added as well. You may user either an empty file or just/dev/null
.Was the change previously discussed in an issue or on the forum?
Not sure if it really fulfils (all of) the aims of #4326, but it may be a starting point.
Checklist
Nothing relevant is checked yet. This is just a prof of concept (for now). If there is a future for this, I am happy to do it right.
It have been tested only manually. Works on my machine™. ;)
changelog/unreleased/
that describes the changes for our users (see template).gofmt
on the code in all commits.