Open jmoalves opened 7 months ago
please try this patch:
diff --git a/src/conf.c b/src/conf.c
index 4b5f33a..07d6225 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -449,7 +449,10 @@ static int load_config_file (const char *config_fname, struct config_s *conf)
FILE *config_file;
int ret = -1;
- config_file = fopen (config_fname, "r");
+ if (config_fname[0] == '-' && !config_fname[1])
+ config_file = stdin;
+ else
+ config_file = fopen (config_fname, "r");
if (!config_file) {
fprintf (stderr,
"%s: Could not open config file \"%s\".\n",
@@ -466,7 +469,7 @@ static int load_config_file (const char *config_fname, struct config_s *conf)
ret = 0;
done:
- if (config_file)
+ if (config_file && config_file != stdin)
fclose (config_file);
return ret;
note that using stdin, the config reload option of tp via SIGUSR1 won't work.
I need to configure my Upstream proxy with authentication.
Is it possible to obfuscate the password?
Sugestions: a) Ask for the key during startup and using it to decript the password b) Allowing the config file to be read from stdin and we could use
openssl
to decrypt it.Encryption / decryption example with config from stdin
tinyproxy.conf - initial plain text config
Encrypt
openssl enc -in tinyproxy.conf -e -aes256 -pbkdf2 > tinyproxy.conf.enc
rm tinyproxy.conf
Run tinyproxy
openssl enc -in tinyproxy.conf.enc -d -aes256 -pbkdf2 | tinyproxy -d -c-
In this scenario,
-c-
would allow config to be read from stdin.