From e78e7529ceb74bd82a7fb9692b7f9cb09902ac66 Mon Sep 17 00:00:00 2001 From: Sergio Arroutbi Date: Tue, 31 Jan 2023 16:09:43 +0100 Subject: [PATCH] Include --netrc-file option when calling curl Resolves: #401 Signed-off-by: Sergio Arroutbi --- src/pins/tang/clevis-decrypt-tang | 13 ++++++++++++- src/pins/tang/clevis-encrypt-tang | 12 +++++++++++- 2 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/pins/tang/clevis-decrypt-tang b/src/pins/tang/clevis-decrypt-tang index 72393b49..9fc8bf81 100755 --- a/src/pins/tang/clevis-decrypt-tang +++ b/src/pins/tang/clevis-decrypt-tang @@ -101,7 +101,18 @@ xfr="$(jose jwk exc -i '{"alg":"ECMR"}' -l- -r- <<< "$clt$eph")" rec_url="$url/rec/$kid" ct="Content-Type: application/jwk+json" -if ! rep="$(curl -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then + +# Check if netrc-file option exists +curl_net_rc_option="--netrc-file" +curl_net_rc_file="/etc/clevis/clevis_netrc.conf" +netrc="$(curl --help all | grep netrc-file)" || true +if [ -z "${netrc}" ]; +then + curl_net_rc_option="" + curl_net_rc_file="" +fi + +if ! rep="$(curl "${curl_net_rc_option}" "${curl_net_rc_file}" -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then echo "Error communicating with server $url" >&2 exit 1 fi diff --git a/src/pins/tang/clevis-encrypt-tang b/src/pins/tang/clevis-encrypt-tang index fddb7f32..1270a59f 100755 --- a/src/pins/tang/clevis-encrypt-tang +++ b/src/pins/tang/clevis-encrypt-tang @@ -75,6 +75,16 @@ if ! url="$(jose fmt -j- -Og url -u- <<< "$cfg")"; then exit 1 fi +# Check if netrc-file option exists +curl_net_rc_option="--netrc-file" +curl_net_rc_file="/etc/clevis/clevis_netrc.conf" +netrc="$(curl --help all | grep netrc-file)" || true +if [ -z "${netrc}" ]; +then + curl_net_rc_option="" + curl_net_rc_file="" +fi + thp="$(jose fmt -j- -Og thp -Su- <<< "$cfg")" || true ### Get the advertisement @@ -92,7 +102,7 @@ elif jws="$(jose fmt -j- -g adv -Su- <<< "$cfg")"; then fi thp="${thp:-any}" -elif ! jws="$(curl -sfg "$url/adv/$thp")"; then +elif ! jws="$(curl "${curl_net_rc_option}" "${curl_net_rc_file}" -sfg "$url/adv/$thp")"; then echo "Unable to fetch advertisement: '$url/adv/$thp'!" >&2 exit 1 fi