<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<br>
On Wed, Apr 21, 2021 at 5:06 PM Chris Johns <chrisj@rtems.org> wrote:<br>
><br>
> Hi Alex,<br>
><br>
<div>> Is there a chance the password can end up in a log file?<br>
</div>
<div><br>
</div>
<div>I did not see the command line options in the email when I sent it to myself so it wasn't on my radar, but it could have ended up in a log file, yes.</div>
<div><br>
</div>
<div>I should do the same thing to this that I did in rtems-tools here: <a href="https://git.rtems.org/rtems-tools/commit/?id=92f7f67297b9053e6846760e6c8059be0fa1c86c" id="LPlnk891176">https://git.rtems.org/rtems-tools/commit/?id=92f7f67297b9053e6846760e6c8059be0fa1c86c</a></div>
<div><br>
</div>
<div>Would that change to remove sensitive command line options make this patch acceptable?</div>
<div><br>
</div>
<div>Thanks,</div>
<div><br>
</div>
<div>Alex</div>
<div><br>
</div>
><br>
> See...<br>
> https://git.rtems.org/rtems-source-builder/tree/source-builder/sb/options.py#n584<br>
><br>
> Chris<br>
><br>
> On 22/4/21 8:00 am, Alex White wrote:<br>
> > This adds the improved mailer.py script from rtems-tools.<br>
> ><br>
> > Closes #4388<br>
> > ---<br>
> > source-builder/sb/mailer.py | 192 ++++++++++++++++++++++++++------<br>
> > source-builder/sb/options.py | 9 ++<br>
> > source-builder/sb/setbuilder.py | 2 +<br>
> > 3 files changed, 171 insertions(+), 32 deletions(-)<br>
> ><br>
> > diff --git a/source-builder/sb/mailer.py b/source-builder/sb/mailer.py<br>
> > index ff25df5..ee5bf07 100644<br>
> > --- a/source-builder/sb/mailer.py<br>
> > +++ b/source-builder/sb/mailer.py<br>
> > @@ -1,21 +1,32 @@<br>
> > #<br>
> > # RTEMS Tools Project (http://www.rtems.org/)<br>
> > -# Copyright 2013 Chris Johns (chrisj@rtems.org)<br>
> > +# Copyright 2013-2016 Chris Johns (chrisj@rtems.org)<br>
> > # All rights reserved.<br>
> > #<br>
> > # This file is part of the RTEMS Tools package in 'rtems-tools'.<br>
> > #<br>
> > -# Permission to use, copy, modify, and/or distribute this software for any<br>
> > -# purpose with or without fee is hereby granted, provided that the above<br>
> > -# copyright notice and this permission notice appear in all copies.<br>
> > +# Redistribution and use in source and binary forms, with or without<br>
> > +# modification, are permitted provided that the following conditions are met:<br>
> > +#<br>
> > +# 1. Redistributions of source code must retain the above copyright notice,<br>
> > +# this list of conditions and the following disclaimer.<br>
> > +#<br>
> > +# 2. Redistributions in binary form must reproduce the above copyright notice,<br>
> > +# this list of conditions and the following disclaimer in the documentation<br>
> > +# and/or other materials provided with the distribution.<br>
> > +#<br>
> > +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"<br>
> > +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE<br>
> > +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE<br>
> > +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE<br>
> > +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR<br>
> > +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF<br>
> > +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS<br>
> > +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN<br>
> > +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)<br>
> > +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE<br>
> > +# POSSIBILITY OF SUCH DAMAGE.<br>
> > #<br>
> > -# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES<br>
> > -# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF<br>
> > -# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR<br>
> > -# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES<br>
> > -# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN<br>
> > -# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF<br>
> > -# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.<br>
> > <br>
> > #<br>
> > # Manage emailing results or reports.<br>
> > @@ -28,18 +39,71 @@ import smtplib<br>
> > import socket<br>
> > <br>
> > from . import error<br>
> > +from . import execute<br>
> > from . import options<br>
> > from . import path<br>
> > <br>
> > +_options = {<br>
> > + '--mail' : 'Send email report or results.',<br>
> > + '--use-gitconfig': 'Use mail configuration from git config.',<br>
> > + '--mail-to' : 'Email address to send the email to.',<br>
> > + '--mail-from' : 'Email address the report is from.',<br>
> > + '--smtp-host' : 'SMTP host to send via.',<br>
> > + '--smtp-port' : 'SMTP port to send via.',<br>
> > + '--smtp-user' : 'User for SMTP authentication.',<br>
> > + '--smtp-password': 'Password for SMTP authentication.'<br>
> > +}<br>
> > +<br>
> > def append_options(opts):<br>
> > - opts['--mail'] = 'Send email report or results.'<br>
> > - opts['--smtp-host'] = 'SMTP host to send via.'<br>
> > - opts['--mail-to'] = 'Email address to send the email too.'<br>
> > - opts['--mail-from'] = 'Email address the report is from.'<br>
> > + for o in _options:<br>
> > + opts[o] = _options[o]<br>
> > +<br>
> > +def add_arguments(argsp):<br>
> > + argsp.add_argument('--mail', help = _options['--mail'], action = 'store_true')<br>
> > + argsp.add_argument('--use-gitconfig', help = _options['--use-gitconfig'], action = 'store_true')<br>
> > + for o in list(_options)[1:]:<br>
> > + argsp.add_argument(o, help = _options[o], type = str)<br>
> > <br>
> > class mail:<br>
> > def __init__(self, opts):<br>
> > self.opts = opts<br>
> > + self.gitconfig_lines = None<br>
> > + if opts.find_arg('--use-gitconfig') is not None:<br>
> > + # Read the output of `git config --list` instead of reading the<br>
> > + # .gitconfig file directly because Python 2 ConfigParser does not<br>
> > + # accept tabs at the beginning of lines.<br>
> > + e = execute.capture_execution()<br>
> > + exit_code, proc, output = e.open('git config --list', shell=True)<br>
> > + if exit_code == 0:<br>
> > + self.gitconfig_lines = output.split(os.linesep)<br>
> > +<br>
> > + def _args_are_macros(self):<br>
> > + return isinstance(self.opts, options.command_line)<br>
> > +<br>
> > + def _get_arg(self, arg):<br>
> > + if self._args_are_macros():<br>
> > + value = self.opts.find_arg(arg)<br>
> > + if value is not None:<br>
> > + value = self.opts.find_arg(arg)[1]<br>
> > + else:<br>
> > + if arg.startswith('--'):<br>
> > + arg = arg[2:]<br>
> > + arg = arg.replace('-', '_')<br>
> > + if arg in vars(self.opts):<br>
> > + value = vars(self.opts)[arg]<br>
> > + else:<br>
> > + value = None<br>
> > + return value<br>
> > +<br>
> > + def _get_from_gitconfig(self, variable_name):<br>
> > + if self.gitconfig_lines is None:<br>
> > + return None<br>
> > +<br>
> > + for line in self.gitconfig_lines:<br>
> > + if line.startswith(variable_name):<br>
> > + ls = line.split('=')<br>
> > + if len(ls) >= 2:<br>
> > + return ls[1]<br>
> > <br>
> > def from_address(self):<br>
> > <br>
> > @@ -52,9 +116,15 @@ class mail:<br>
> > l = l[:l.index('\n')]<br>
> > return l.strip()<br>
> > <br>
> > - addr = self.opts.get_arg('--mail-from')<br>
> > + addr = self._get_arg('--mail-from')<br>
> > if addr is not None:<br>
> > - return addr[1]<br>
> > + return addr<br>
> > + addr = self._get_from_gitconfig('user.email')<br>
> > + if addr is not None:<br>
> > + name = self._get_from_gitconfig('user.name')<br>
> > + if name is not None:<br>
> > + addr = '%s <%s>' % (name, addr)<br>
> > + return addr<br>
> > mailrc = None<br>
> > if 'MAILRC' in os.environ:<br>
> > mailrc = os.environ['MAILRC']<br>
> > @@ -63,9 +133,8 @@ class mail:<br>
> > if mailrc is not None and path.exists(mailrc):<br>
> > # set from="Joe Blow <joe@blow.org>"<br>
> > try:<br>
> > - mrc = open(mailrc, 'r')<br>
> > - lines = mrc.readlines()<br>
> > - mrc.close()<br>
> > + with open(mailrc, 'r') as mrc:<br>
> > + lines = mrc.readlines()<br>
> > except IOError as err:<br>
> > raise error.general('error reading: %s' % (mailrc))<br>
> > for l in lines:<br>
> > @@ -76,40 +145,99 @@ class mail:<br>
> > addr = fa[fa.index('=') + 1:].replace('"', ' ').strip()<br>
> > if addr is not None:<br>
> > return addr<br>
> > - addr = self.opts.defaults.get_value('%{_sbgit_mail}')<br>
> > + if self._args_are_macros():<br>
> > + addr = self.opts.defaults.get_value('%{_sbgit_mail}')<br>
> > + else:<br>
> > + raise error.general('no valid from address for mail')<br>
> > return addr<br>
> > <br>
> > def smtp_host(self):<br>
> > - host = self.opts.get_arg('--smtp-host')<br>
> > + host = self._get_arg('--smtp-host')<br>
> > if host is not None:<br>
> > - return host[1]<br>
> > - host = self.opts.defaults.get_value('%{_mail_smtp_host}')<br>
> > + return host<br>
> > + host = self._get_from_gitconfig('sendemail.smtpserver')<br>
> > + if host is not None:<br>
> > + return host<br>
> > + if self._args_are_macros():<br>
> > + host = self.opts.defaults.get_value('%{_mail_smtp_host}')<br>
> > if host is not None:<br>
> > return host<br>
> > return 'localhost'<br>
> > <br>
> > + def smtp_port(self):<br>
> > + port = self._get_arg('--smtp-port')<br>
> > + if port is not None:<br>
> > + return port<br>
> > + port = self._get_from_gitconfig('sendemail.smtpserverport')<br>
> > + if port is not None:<br>
> > + return port<br>
> > + if self._args_are_macros():<br>
> > + port = self.opts.defaults.get_value('%{_mail_smtp_port}')<br>
> > + return port<br>
> > +<br>
> > + def smtp_user(self):<br>
> > + user = self._get_arg('--smtp-user')<br>
> > + if user is not None:<br>
> > + return user<br>
> > + user = self._get_from_gitconfig('sendemail.smtpuser')<br>
> > + return user<br>
> > +<br>
> > + def smtp_password(self):<br>
> > + password = self._get_arg('--smtp-password')<br>
> > + if password is not None:<br>
> > + return password<br>
> > + password = self._get_from_gitconfig('sendemail.smtppass')<br>
> > + return password<br>
> > +<br>
> > def send(self, to_addr, subject, body):<br>
> > from_addr = self.from_address()<br>
> > msg = "From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n" % \<br>
> > (from_addr, to_addr, subject) + body<br>
> > - if type(to_addr) is str:<br>
> > - to_addr = to_addr.split(',')<br>
> > - if type(to_addr) is not list:<br>
> > - raise error.general('invalid to_addr type')<br>
> > + port = self.smtp_port()<br>
> > +<br>
> > try:<br>
> > - s = smtplib.SMTP(self.smtp_host())<br>
> > - s.sendmail(from_addr, to_addr, msg)<br>
> > + s = smtplib.SMTP(self.smtp_host(), port, timeout=10)<br>
> > +<br>
> > + password = self.smtp_password()<br>
> > + # If a password is provided, assume that authentication is required.<br>
> > + if password is not None:<br>
> > + user = self.smtp_user()<br>
> > + if user is None:<br>
> > + user = from_addr<br>
> > + s.starttls()<br>
> > + s.login(user, password)<br>
> > +<br>
> > + s.sendmail(from_addr, [to_addr], msg)<br>
> > except smtplib.SMTPException as se:<br>
> > raise error.general('sending mail: %s' % (str(se)))<br>
> > except socket.error as se:<br>
> > raise error.general('sending mail: %s' % (str(se)))<br>
> > <br>
> > + def send_file_as_body(self, to_addr, subject, name, intro = None):<br>
> > + try:<br>
> > + with open(name, 'r') as f:<br>
> > + body = f.readlines()<br>
> > + except IOError as err:<br>
> > + raise error.general('error reading mail body: %s' % (name))<br>
> > + if intro is not None:<br>
> > + body = intro + body<br>
> > + self.send(to_addr, from_addr, body)<br>
> > +<br>
> > if __name__ == '__main__':<br>
> > import sys<br>
> > + from . import macros<br>
> > optargs = {}<br>
> > + rtdir = 'source-builder'<br>
> > + defaults = '%s/defaults.mc' % (rtdir)<br>
> > append_options(optargs)<br>
> > - opts = options.load(sys.argv, optargs = optargs, defaults = 'defaults.mc')<br>
> > + opts = options.command_line(base_path = '.',<br>
> > + argv = sys.argv,<br>
> > + optargs = optargs,<br>
> > + defaults = macros.macros(name = defaults, rtdir = rtdir),<br>
> > + command_path = '.')<br>
> > + options.load(opts)<br>
> > m = mail(opts)<br>
> > print('From: %s' % (m.from_address()))<br>
> > print('SMTP Host: %s' % (m.smtp_host()))<br>
> > - m.send(m.from_address(), 'Test mailer.py', 'This is a test')<br>
> > + if '--mail' in sys.argv:<br>
> > + m.send(m.from_address(), 'Test mailer.py', 'This is a test')<br>
> > diff --git a/source-builder/sb/options.py b/source-builder/sb/options.py<br>
> > index d6bffd0..a74db6b 100644<br>
> > --- a/source-builder/sb/options.py<br>
> > +++ b/source-builder/sb/options.py<br>
> > @@ -517,6 +517,15 @@ class command_line:<br>
> > return None<br>
> > return self.parse_args(arg)<br>
> > <br>
> > + def find_arg(self, arg):<br>
> > + if self.optargs is None or arg not in self.optargs:<br>
> > + raise error.internal('bad arg: %s' % (arg))<br>
> > + for a in self.args:<br>
> > + sa = a.split('=')<br>
> > + if sa[0].startswith(arg):<br>
> > + return sa<br>
> > + return None<br>
> > +<br>
> > def with_arg(self, label, default = 'not-found'):<br>
> > # the default if there is no option for without.<br>
> > result = default<br>
> > diff --git a/source-builder/sb/setbuilder.py b/source-builder/sb/setbuilder.py<br>
> > index b0e2b23..c8c8fee 100644<br>
> > --- a/source-builder/sb/setbuilder.py<br>
> > +++ b/source-builder/sb/setbuilder.py<br>
> > @@ -695,6 +695,8 @@ def run():<br>
> > 'log' : '',<br>
> > 'reports': [],<br>
> > 'failure': None }<br>
> > + # Request this now to generate any errors.<br>
> > + smtp_host = mail['mail'].smtp_host()<br>
> > to_addr = opts.get_arg('--mail-to')<br>
> > if to_addr is not None:<br>
> > mail['to'] = to_addr[1]<br>
> ><br>
> _______________________________________________<br>
> devel mailing list<br>
> devel@rtems.org<br>
> <a href="http://lists.rtems.org/mailman/listinfo/devel" id="LPlnk645196">http://lists.rtems.org/mailman/listinfo/devel</a>
</body>
</html>