From 4b7ec853b176b0e3b82c2ffdd781a87c6734c102 Mon Sep 17 00:00:00 2001 From: "D. Scott Boggs" Date: Thu, 8 May 2025 08:49:02 -0400 Subject: [PATCH] Password files must be trimmed of newlines --- api/adaptors/sql/src/lib.rs | 11 +++++++---- api/src/routes/tasks.rs | 2 +- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/api/adaptors/sql/src/lib.rs b/api/adaptors/sql/src/lib.rs index 0f2ecab..83e0c8b 100644 --- a/api/adaptors/sql/src/lib.rs +++ b/api/adaptors/sql/src/lib.rs @@ -188,11 +188,14 @@ fn get_connection_string() -> String { if let Some(password_file_location) = env::var_os("DATABASE_PASSWORD_FILE") { // The password can be left out of the URL, we add it from the specified // file (presumably under /run/secrets/) - let password = fs::read(&password_file_location).unwrap_or_else(|err| { - panic!("could not read database password from {password_file_location:?}\n\t{err:?}") - }); + let password = fs::read(&password_file_location) + .unwrap_or_else(|err| { + panic!("could not read database password from {password_file_location:?}\n\t{err:?}") + }); + let password = String::from(String::from_utf8_lossy(password.as_slice())); + let password = password.trim_end(); let mut url = Url::parse(&connection_string).expect("invalid connection string"); - url.set_password(Some(String::from_utf8_lossy(password.as_slice()).as_ref())) + url.set_password(Some(password)) .unwrap_or_else(|_| panic!("invalid database URL: {connection_string:?}")); url.to_string() } else { diff --git a/api/src/routes/tasks.rs b/api/src/routes/tasks.rs index 3f7e44e..943df38 100644 --- a/api/src/routes/tasks.rs +++ b/api/src/routes/tasks.rs @@ -35,7 +35,7 @@ pub async fn cleanup( println!("Error reading CRON_KEY_FILE at {path:?}"); return Err(ApiError::NotAuthorized); }; - String::from_utf8_lossy(key.as_slice()).into() + String::from_utf8_lossy(key.as_slice()).to_owned().trim_end().to_string() } else { Default::default() };