commit 0752d211de7001f4f1ee26979536ca469bca70ce Author: irregulator <irregulator@riseup.net> Date: Mon May 26 15:03:15 2014 +0300 Add --password-file for scramblesuit UniformDH password This argument permits to run obfsproxy in unmanaged mode and pass a file containing the scramblesuit password. That way password won't be visible in process list. --- obfsproxy/transports/scramblesuit/scramblesuit.py | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/obfsproxy/transports/scramblesuit/scramblesuit.py b/obfsproxy/transports/scramblesuit/scramblesuit.py index 43b52b5..725c253 100644 --- a/obfsproxy/transports/scramblesuit/scramblesuit.py +++ b/obfsproxy/transports/scramblesuit/scramblesuit.py @@ -14,6 +14,7 @@ import obfsproxy.common.log as logging import random import base64 import yaml +import argparse import probdist import mycrypto @@ -29,6 +30,11 @@ import fifobuf log = logging.get_obfslogger() +class ReadPassFile(argparse.Action): + def __call__(self, parser, namespace, values, option_string=None): + with open(values) as f: + setattr(namespace, self.dest, f.readline().strip()) + class ScrambleSuitTransport( base.BaseTransport ): @@ -542,12 +548,19 @@ class ScrambleSuitTransport( base.BaseTransport ): specify a ticket file and one to specify a UniformDH shared secret. """ - subparser.add_argument("--password", - required=True, + passArgs = subparser.add_mutually_exclusive_group(required=True) + + passArgs.add_argument("--password", type=str, help="Shared secret for UniformDH", dest="uniformDHSecret") + passArgs.add_argument("--password-file", + type=str, + help="File containing shared secret for UniformDH", + action=ReadPassFile, + dest="uniformDHSecret") + super(ScrambleSuitTransport, cls).register_external_mode_cli(subparser) @classmethod