diff --git a/sabnzbd/assembler.py b/sabnzbd/assembler.py index 2e8b7f7..552faf9 100644 --- a/sabnzbd/assembler.py +++ b/sabnzbd/assembler.py @@ -355,9 +355,8 @@ def check_encrypted_and_unwanted_files(nzo: NzbObject, filepath: str) -> Tuple[b # Did any work? if password_hit: - # We always trust the user's input - if not nzo.password: - nzo.password = password_hit + # Record the successful password + nzo.correct_password = password_hit # Don't check other files logging.info('Password "%s" matches for job "%s"', password_hit, nzo.final_name) nzo.encrypted = -1 diff --git a/sabnzbd/database.py b/sabnzbd/database.py index 813c9d5..2273df3 100644 --- a/sabnzbd/database.py +++ b/sabnzbd/database.py @@ -504,7 +504,7 @@ def build_history_info(nzo, workdir_complete="", postproc_time=0, script_output= nzo.bytes_downloaded, series, nzo.md5sum, - nzo.password, + nzo.correct_password, ) diff --git a/sabnzbd/directunpacker.py b/sabnzbd/directunpacker.py index 7764f7d..7381b48 100644 --- a/sabnzbd/directunpacker.py +++ b/sabnzbd/directunpacker.py @@ -224,10 +224,14 @@ class DirectUnpacker(threading.Thread): self.unpack_time += time.time() - start_time ACTIVE_UNPACKERS.remove(self) + # Take note of the correct password + if self.nzo.password and not self.nzo.correct_password: + self.nzo.correct_password = self.nzo.password + # Add to success rarfile_path = os.path.join(self.nzo.download_path, self.rarfile_nzf.filename) self.success_sets[self.cur_setname] = ( - rar_volumelist(rarfile_path, self.nzo.password, rarfiles), + rar_volumelist(rarfile_path, self.nzo.correct_password, rarfiles), extracted, ) logging.info("DirectUnpack completed for %s", self.cur_setname) @@ -364,7 +368,9 @@ class DirectUnpacker(threading.Thread): extraction_path, _, _, one_folder, _ = self.unpack_dir_info # Set options - if self.nzo.password: + if self.nzo.correct_password: + password_command = "-p%s" % self.nzo.correct_password + elif self.nzo.password: password_command = "-p%s" % self.nzo.password else: password_command = "-p-" diff --git a/sabnzbd/misc.py b/sabnzbd/misc.py index 699b496..5d24b03 100644 --- a/sabnzbd/misc.py +++ b/sabnzbd/misc.py @@ -750,8 +750,12 @@ def create_https_certificates(ssl_cert, ssl_key): return True -def get_all_passwords(nzo): - """Get all passwords, from the NZB, meta and password file""" +def get_all_passwords(nzo) -> List[str]: + """Get all passwords, from the NZB, meta and password file. In case the correct password is + already known, only that password is returned.""" + if nzo.correct_password: + return [nzo.correct_password] + if nzo.password: logging.info("Found a password that was set by the user: %s", nzo.password) passwords = [nzo.password.strip()] diff --git a/sabnzbd/newsunpack.py b/sabnzbd/newsunpack.py index 437a26e..f111372 100644 --- a/sabnzbd/newsunpack.py +++ b/sabnzbd/newsunpack.py @@ -148,6 +148,7 @@ ENV_NZO_FIELDS = [ "bytes_downloaded", "bytes_tried", "cat", + "correct_password", "duplicate", "encrypted", "fail_msg", diff --git a/sabnzbd/nzbstuff.py b/sabnzbd/nzbstuff.py index 0569984..54f1710 100644 --- a/sabnzbd/nzbstuff.py +++ b/sabnzbd/nzbstuff.py @@ -864,6 +864,10 @@ class NzbObject(TryList): else: accept = 1 + # Create a bookkeeping record for the correct password after running the pre-queue script, + # to prevent it from showing up as a useless environment variable there. + self.correct_password = None + # Pause if requested by the NZB-adding or the pre-queue script if self.priority == PAUSED_PRIORITY: self.pause() diff --git a/tests/testhelper.py b/tests/testhelper.py index 5ba59f3..f4851d5 100644 --- a/tests/testhelper.py +++ b/tests/testhelper.py @@ -193,6 +193,7 @@ class FakeHistoryDB(db.HistoryDB): distro_choice = choice(self.distro_names) distro_random = random_name() nzo.password = choice(["secret", ""]) + nzo.correct_password = "secret" nzo.final_name = "%s.%s.Linux.ISO-Usenet" % (distro_choice, distro_random) nzo.filename = "%s.%s.Linux-Usenet%s.nzb" % ( (distro_choice, distro_random, "{{" + nzo.password + "}}")