From a9544e05ff175201187ff1530364dd4d77ee0d3d Mon Sep 17 00:00:00 2001 From: Irmen de Jong Date: Tue, 3 Apr 2018 02:36:50 +0200 Subject: [PATCH] making -k option obsolete due to security issue, replace by PYRO_HMAC_KEY env var. Fixes #199 --- src/Pyro4/naming.py | 5 +++++ src/Pyro4/nsc.py | 5 +++++ src/Pyro4/test/echoserver.py | 5 +++++ src/Pyro4/utils/flameserver.py | 6 ++++++ src/Pyro4/utils/httpgateway.py | 10 ++++++++++ 5 files changed, 31 insertions(+) diff --git a/src/Pyro4/naming.py b/src/Pyro4/naming.py index 3ab9d489..c325ea45 100644 --- a/src/Pyro4/naming.py +++ b/src/Pyro4/naming.py @@ -10,6 +10,7 @@ import logging import socket import sys +import os import time import threading from Pyro4.errors import NamingError, PyroError, ProtocolError @@ -552,6 +553,10 @@ def main(args=None): if options.key: warnings.warn("using -k to supply HMAC key on the command line is a security problem " "and is deprecated since Pyro 4.72. See the documentation for an alternative.") + if "PYRO_HMAC_KEY" in os.environ: + if options.key: + raise SystemExit("error: don't use -k and PYRO_HMAC_KEY at the same time") + options.key = os.environ["PYRO_HMAC_KEY"] startNSloop(options.host, options.port, enableBroadcast=options.enablebc, bchost=options.bchost, bcport=options.bcport, unixsocket=options.unixsocket, nathost=options.nathost, natport=options.natport, storage=options.storage, diff --git a/src/Pyro4/nsc.py b/src/Pyro4/nsc.py index 987368df..09d8c4bc 100644 --- a/src/Pyro4/nsc.py +++ b/src/Pyro4/nsc.py @@ -6,6 +6,7 @@ from __future__ import print_function import sys +import os import warnings from Pyro4 import errors, naming 
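Review bot: In naming.py's main(), an exported but empty `PYRO_HMAC_KEY` passes the `in os.environ` test and is assigned as the key, and the same four lines are repeated in nsc.py, echoserver.py, flameserver.py and httpgateway.py. In httpgateway.py the empty value visibly becomes `b""` through `(options.pyrokey or "").encode("utf-8")`; what the other callees do with an empty key is outside these hunks, but an operator who meant to set a key would most likely end up with none, so the code should fail closed. Because the block is copied five times, a shared helper would carry that check once; the sketch below uses a placeholder name and leaves the module it lives in to the maintainers. main() starts and ends outside the hunk.

```python
def key_from_env(option_value, envvar, flag):
    # Proposed shared helper; name and location are placeholders.
    if envvar not in os.environ:
        return option_value
    if option_value:
        raise SystemExit("error: don't use %s and %s at the same time" % (flag, envvar))
    value = os.environ[envvar]
    if not value:
        # Fail closed: a variable that is set but empty must not silently mean "no key".
        raise SystemExit("error: %s is set but empty" % envvar)
    return value

# … unchanged: -k deprecation warning in main() …
options.key = key_from_env(options.key, "PYRO_HMAC_KEY", "-k")
```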
@@ -123,6 +124,10 @@ def main(args=None): if options.key: warnings.warn("using -k to supply HMAC key on the command line is a security problem " "and is deprecated since Pyro 4.72. See the documentation for an alternative.") + if "PYRO_HMAC_KEY" in os.environ: + if options.key: + raise SystemExit("error: don't use -k and PYRO_HMAC_KEY at the same time") + options.key = os.environ["PYRO_HMAC_KEY"] if not args or args[0] not in ("register", "remove", "removematching", "list", "listmatching", "lookup", "listmeta_all", "listmeta_any", "setmeta", "ping"): parser.error("invalid or missing command") diff --git a/src/Pyro4/test/echoserver.py b/src/Pyro4/test/echoserver.py index 405fd880..bccbc411 100644 --- a/src/Pyro4/test/echoserver.py +++ b/src/Pyro4/test/echoserver.py @@ -14,6 +14,7 @@ from __future__ import print_function import sys +import os import time import warnings import threading @@ -157,6 +158,10 @@ def main(args=None, returnWithoutLooping=False): if options.key: warnings.warn("using -k to supply HMAC key on the command line is a security problem " "and is deprecated since Pyro 4.72. See the documentation for an alternative.") + if "PYRO_HMAC_KEY" in os.environ: + if options.key: + raise SystemExit("error: don't use -k and PYRO_HMAC_KEY at the same time") + options.key = os.environ["PYRO_HMAC_KEY"] if options.verbose: options.quiet = False diff --git a/src/Pyro4/utils/flameserver.py b/src/Pyro4/utils/flameserver.py index d0cce0a6..8d278f20 100644 --- a/src/Pyro4/utils/flameserver.py +++ b/src/Pyro4/utils/flameserver.py @@ -16,6 +16,7 @@ from __future__ import print_function import sys +import os import warnings from Pyro4.configuration import config from Pyro4 import core 
@@ -37,6 +38,11 @@ def main(args=None, returnWithoutLooping=False): warnings.warn("using -k to supply HMAC key on the command line is a security problem " "and is deprecated since Pyro 4.72. See the documentation for an alternative.") + if "PYRO_HMAC_KEY" in os.environ: + if options.key: + raise SystemExit("error: don't use -k and PYRO_HMAC_KEY at the same time") + options.key = os.environ["PYRO_HMAC_KEY"] + if not options.quiet: print("Starting Pyro Flame server.") diff --git a/src/Pyro4/utils/httpgateway.py b/src/Pyro4/utils/httpgateway.py index 5666426c..55b83c43 100644 --- a/src/Pyro4/utils/httpgateway.py +++ b/src/Pyro4/utils/httpgateway.py @@ -26,6 +26,7 @@ import sys import re import cgi +import os import uuid import warnings from wsgiref.simple_server import make_server @@ -320,6 +321,15 @@ def main(args=None): if options.pyrokey or options.gatewaykey: warnings.warn("using -k and/or -g to supply keys on the command line is a security problem " "and is deprecated since Pyro 4.72. See the documentation for an alternative.") + if "PYRO_HMAC_KEY" in os.environ: + if options.pyrokey: + raise SystemExit("error: don't use -k and PYRO_HMAC_KEY at the same time") + options.pyrokey = os.environ["PYRO_HMAC_KEY"] + if "PYRO_HTTPGATEWAY_KEY" in os.environ: + if options.gatewaykey: + raise SystemExit("error: don't use -g and PYRO_HTTPGATEWAY_KEY at the same time") + options.gatewaykey = os.environ["PYRO_HTTPGATEWAY_KEY"] + pyro_app.hmac_key = (options.pyrokey or "").encode("utf-8") pyro_app.gateway_key = (options.gatewaykey or "").encode("utf-8") pyro_app.ns_regex = options.expose
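Review bot: Both secrets remain in `os.environ` after httpgateway.py's main() copies them into `options`, so every child process inherits them, and wsgiref (used here through `make_server`) seeds each request's WSGI `environ` from the process environment as far as I know, which puts both keys within reach of any handler or error path that dumps `environ`. Reading them with `options.pyrokey = os.environ.pop("PYRO_HMAC_KEY")` and `options.gatewaykey = os.environ.pop("PYRO_HTTPGATEWAY_KEY")` would stop inheritance by children, provided nothing else reads the variables later. It likely does not clear wsgiref's copy if that is taken at import time, so it is also worth checking that no response or log line in this module echoes `environ`. main() starts and ends outside the hunk.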