I've been looking at Git and cURL and I found some references to .netrc that may help with HTTP authentication. The problem is: .netrc is dumb, because it stores passwords in plain text format, which is a big security issue for the solution I'm developing.
Is there an alternative to the .netrc approach? Is it possible to develop an "authentication backend" for cURL?
Update April 2013, git 1.8.3:
A new read-only credential helper (in contrib/) to interact with the .netrc/.authinfo files has been added.
That script would allow you to use gpg-encrypted netrc files, avoiding the issue of having your credentials stored in a plain text file.
To enable this credential helper:
git config credential.helper '$shortname -f AUTHFILE1 -f AUTHFILE2'
(Note that Git will prepend "git-credential-" to the helper name and look for it in the path.)
See a full example at "Is there a way to skip password typing when using https:// github"
Original answer (March 2011)
The only alternative (except not using it and going through ssh) would be to:
- encrypt that file (for instance, on Windows, with the utility 'crypt')
- decrypt it just before the curl call
- then encrypt it again right after the curl call
Note that on Unix, that file is normally in mode 600, only visible by you.
On Windows (_netrc), that file should be in your HOMEDIR, which shouldn't be accessible (through Windows ACL) to any other users.
But I still don't like a password in plain text...
This thread, for example, goes through the same process (on Unix for gpg, but it still illustrates the solution nicely):
Below I have included a sample script implementing the usage of 'gpg', which can be used to encrypt the contents of a file. It's in shell script, however I'm sure you can adapt the concept to your perl script.
I think for your needs the basic idea is:
- create a plain-text file with your password (and other info)
- encrypt it using gpg and store the encrypted file; dispose of the plain-text file
- Within the perl script, decrypt the encrypted file into a plain-text file
- read contents of plain-text file during runtime of your script
- delete plain-text file as soon as possible.
Here's just an example of the workings of gpg:
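#!/bin/sh
# Demonstrates the gpg round trip: encrypt a password file, then decrypt it again.
umask 077                          # files created below are readable by the owner only
printf "Enter your password: "
read -r pass
FILE=~/mypassword
printf '%s\n' "$pass" > "$FILE"    # temporary plain-text copy
gpg -c "$FILE"                     # symmetric encryption, writes $FILE.gpg
rm -f "$FILE"                      # dispose of the plain-text file
gpg "$FILE.gpg"                    # decrypt back into $FILE
MYPASSWORD=$(cat "$FILE")
rm -f "$FILE"                      # delete the plain-text file as soon as possible
echo "$MYPASSWORD"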
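As an added example (not part of the original answer, and not the contrib script it mentions), here is a small read-only credential helper of the kind the update describes: it answers Git's "get" request from a gpg-encrypted netrc file and pipes the decrypted text straight into the parser, so no plain-text copy is written. The ~/.netrc.gpg path and the NETRC_DECRYPT hook are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: read-only git credential helper over a gpg-encrypted netrc.
# Assumptions (not from the page): the ~/.netrc.gpg path and NETRC_DECRYPT hook.
NETRC_GPG=${NETRC_GPG:-$HOME/.netrc.gpg}

# Print the decrypted netrc on stdout; the plain text never touches the disk.
netrc_plaintext() {
    if [ -n "${NETRC_DECRYPT:-}" ]; then
        sh -c "$NETRC_DECRYPT"      # hypothetical hook: command printing a netrc
    else
        gpg --quiet --decrypt "$NETRC_GPG"
    fi
}

# stdin: git's key=value request ended by a blank line; stdout: the answer.
credential_get() {
    host='' user=''
    while IFS='=' read -r key value; do
        [ -z "$key" ] && break
        case $key in
            host) host=$value ;;
            username) user=$value ;;
        esac
    done
    [ -n "$host" ] || return 0
    netrc_plaintext | awk -v host="$host" -v user="$user" '
        function hit() {   # emit the entry just parsed if it answers the request
            if (m != host || p == "" || (user != "" && user != l)) { return 0 }
            print "username=" l; print "password=" p; return 1
        }
        { for (i = 1; i <= NF; i++) { tok[++n] = $i } }  # netrc is a token stream
        END {
            for (i = 1; i <= n; i++) {
                if (tok[i] == "machine" || tok[i] == "default") {
                    if (hit()) { exit }
                    m = (tok[i] == "machine") ? tok[++i] : ""; l = ""; p = ""
                } else if (tok[i] == "login") {
                    l = tok[++i]
                } else if (tok[i] == "password") {
                    p = tok[++i]
                }
            }
            hit()
        }'
}

# Git runs the helper as git-credential-<name> <action>; store/erase are ignored.
case ${0##*/}:${1:-} in
    git-credential-*:get) credential_get ;;
esac
```

Saved on the PATH under a name starting with git-credential-, it is selected with git config credential.helper and the part of the name after that prefix. Quoted passwords containing spaces and macdef blocks are not handled by this parser.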