Include --netrc-file option when calling curl

sarroutbi · sarroutbi · commit 43f5c8147f02 · 2023-05-09T12:15:26.000+02:00
Resolves: #401 Signed-off-by: Sergio Arroutbi <sarroutb@redhat.com>
diff --git a/src/pins/tang/clevis-decrypt-tang b/src/pins/tang/clevis-decrypt-tang
@@ -101,7 +101,18 @@ xfr="$(jose jwk exc -i '{"alg":"ECMR"}' -l- -r- <<< "$clt$eph")"
 
 rec_url="$url/rec/$kid"
 ct="Content-Type: application/jwk+json"
-if ! rep="$(curl -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then
+
+# Check if netrc-file option exists
+curl_net_rc_option="--netrc-file"
+curl_net_rc_file="/etc/clevis/clevis_netrc.conf"
+netrc="$(curl --help all | grep netrc-file)" || true
+if [ -z "${netrc}" ];
+then
+  curl_net_rc_option=""
+  curl_net_rc_file=""
+fi
+
+if ! rep="$(curl "${curl_net_rc_option}" "${curl_net_rc_file}" -sfg -X POST -H "$ct" --data-binary @- "$rec_url" <<< "$xfr")"; then
     echo "Error communicating with server $url" >&2
     exit 1
 fi
diff --git a/src/pins/tang/clevis-encrypt-tang b/src/pins/tang/clevis-encrypt-tang
@@ -75,6 +75,16 @@ if ! url="$(jose fmt -j- -Og url -u- <<< "$cfg")"; then
     exit 1
 fi
 
+# Check if netrc-file option exists
+curl_net_rc_option="--netrc-file"
+curl_net_rc_file="/etc/clevis/clevis_netrc.conf"
+netrc="$(curl --help all | grep netrc-file)" || true
+if [ -z "${netrc}" ];
+then
+  curl_net_rc_option=""
+  curl_net_rc_file=""
+fi
+
 thp="$(jose fmt -j- -Og thp -Su- <<< "$cfg")" || true
 
 ### Get the advertisement
@@ -92,7 +102,7 @@ elif jws="$(jose fmt -j- -g adv -Su- <<< "$cfg")"; then
     fi
 
     thp="${thp:-any}"
-elif ! jws="$(curl -sfg "$url/adv/$thp")"; then
+elif ! jws="$(curl "${curl_net_rc_option}" "${curl_net_rc_file}" -sfg "$url/adv/$thp")"; then
     echo "Unable to fetch advertisement: '$url/adv/$thp'!" >&2
     exit 1
 fi
