create a record for the successful password (#1919)

* create a record for the successful password

* make get_all_passwords not return all, expand nzo.correct_password to directunpacker

sabnzbd/assembler.py

@@ -355,9 +355,8 @@ def check_encrypted_and_unwanted_files(nzo: NzbObject, filepath: str) -> Tuple[b
 
                         # Did any work?
                         if password_hit:
-                            # We always trust the user's input
-                            if not nzo.password:
-                                nzo.password = password_hit
+                            # Record the successful password
+                            nzo.correct_password = password_hit
                             # Don't check other files
                             logging.info('Password "%s" matches for job "%s"', password_hit, nzo.final_name)
                             nzo.encrypted = -1

sabnzbd/database.py

@@ -504,7 +504,7 @@ def build_history_info(nzo, workdir_complete="", postproc_time=0, script_output=
         nzo.bytes_downloaded,
         series,
         nzo.md5sum,
-        nzo.password,
+        nzo.correct_password,
     )
 
 

sabnzbd/directunpacker.py

@@ -224,10 +224,14 @@ class DirectUnpacker(threading.Thread):
                     self.unpack_time += time.time() - start_time
                     ACTIVE_UNPACKERS.remove(self)
 
+                    # Take note of the correct password
+                    if self.nzo.password and not self.nzo.correct_password:
+                        self.nzo.correct_password = self.nzo.password
+
                     # Add to success
                     rarfile_path = os.path.join(self.nzo.download_path, self.rarfile_nzf.filename)
                     self.success_sets[self.cur_setname] = (
-                        rar_volumelist(rarfile_path, self.nzo.password, rarfiles),
+                        rar_volumelist(rarfile_path, self.nzo.correct_password, rarfiles),
                         extracted,
                     )
                     logging.info("DirectUnpack completed for %s", self.cur_setname)
@@ -364,7 +368,9 @@ class DirectUnpacker(threading.Thread):
         extraction_path, _, _, one_folder, _ = self.unpack_dir_info
 
         # Set options
-        if self.nzo.password:
+        if self.nzo.correct_password:
+            password_command = "-p%s" % self.nzo.correct_password
+        elif self.nzo.password:
             password_command = "-p%s" % self.nzo.password
         else:
             password_command = "-p-"

sabnzbd/misc.py

@@ -750,8 +750,12 @@ def create_https_certificates(ssl_cert, ssl_key):
     return True
 
 
-def get_all_passwords(nzo):
-    """Get all passwords, from the NZB, meta and password file"""
+def get_all_passwords(nzo) -> List[str]:
+    """Get all passwords, from the NZB, meta and password file. In case the correct password is
+    already known, only that password is returned."""
+    if nzo.correct_password:
+        return [nzo.correct_password]
+
     if nzo.password:
         logging.info("Found a password that was set by the user: %s", nzo.password)
         passwords = [nzo.password.strip()]

sabnzbd/newsunpack.py

@@ -148,6 +148,7 @@ ENV_NZO_FIELDS = [
     "bytes_downloaded",
     "bytes_tried",
     "cat",
+    "correct_password",
     "duplicate",
     "encrypted",
     "fail_msg",

sabnzbd/nzbstuff.py

@@ -864,6 +864,10 @@ class NzbObject(TryList):
         else:
             accept = 1
 
+        # Create a bookkeeping record for the correct password after running the pre-queue script,
+        # to prevent it from showing up as a useless environment variable there.
+        self.correct_password = None
+
         # Pause if requested by the NZB-adding or the pre-queue script
         if self.priority == PAUSED_PRIORITY:
             self.pause()

tests/testhelper.py

@@ -193,6 +193,7 @@ class FakeHistoryDB(db.HistoryDB):
             distro_choice = choice(self.distro_names)
             distro_random = random_name()
             nzo.password = choice(["secret", ""])
+            nzo.correct_password = "secret"
             nzo.final_name = "%s.%s.Linux.ISO-Usenet" % (distro_choice, distro_random)
             nzo.filename = "%s.%s.Linux-Usenet%s.nzb" % (
                 (distro_choice, distro_random, "{{" + nzo.password + "}}")