From 5f0ed9ddce267501d64b22adc5db1cc413d243aa Mon Sep 17 00:00:00 2001
From: keorn <pczaban@gmail.com>
Date: Fri, 7 Oct 2016 08:39:16 +0100
Subject: [PATCH] Trim password from file (#2503)

* trim password

* indicate trimming in doc
---
 parity/cli/usage.txt |  3 ++-
 parity/helpers.rs    | 20 ++++++++++++++++----
 2 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/parity/cli/usage.txt b/parity/cli/usage.txt
index 861b7dafc..6ad0cec21 100644
--- a/parity/cli/usage.txt
+++ b/parity/cli/usage.txt
@@ -44,7 +44,8 @@ Account Options:
                            ACCOUNTS is a comma-delimited list of addresses.
                            Implies --no-signer. (default: {flag_unlock:?})
   --password FILE          Provide a file containing a password for unlocking
-                           an account. (default: {flag_password:?})
+                           an account. Leading and trailing whitespace is trimmed.
+                           (default: {flag_password:?})
   --keys-iterations NUM    Specify the number of iterations to use when
                            deriving key from the password (bigger is more
                            secure) (default: {flag_keys_iterations}).
diff --git a/parity/helpers.rs b/parity/helpers.rs
index abdd5daa5..cdee9ede0 100644
--- a/parity/helpers.rs
+++ b/parity/helpers.rs
@@ -273,9 +273,10 @@ pub fn password_prompt() -> Result<String, String> {
 pub fn password_from_file<P>(path: P) -> Result<String, String> where P: AsRef<Path> {
 	let mut file = try!(File::open(path).map_err(|_| "Unable to open password file."));
 	let mut file_content = String::new();
-	try!(file.read_to_string(&mut file_content).map_err(|_| "Unable to read password file."));
-	// remove eof
-	Ok((&file_content[..file_content.len() - 1]).to_owned())
+	match file.read_to_string(&mut file_content) {
+		Ok(_) => Ok(file_content.trim().into()),
+		Err(_) => Err("Unable to read password file.".into()),
+	}
 }
 
 /// Reads passwords from files. Treats each line as a separate password.
@@ -294,10 +295,13 @@ pub fn passwords_from_files(files: Vec<String>) -> Result<Vec<String>, String> {
 #[cfg(test)]
 mod tests {
 	use std::time::Duration;
+	use std::fs::File;
+	use std::io::Write;
+	use devtools::RandomTempPath;
 	use util::{U256};
 	use ethcore::client::{Mode, BlockID};
 	use ethcore::miner::PendingSet;
-	use super::{to_duration, to_mode, to_block_id, to_u256, to_pending_set, to_address, to_addresses, to_price, geth_ipc_path, to_bootnodes};
+	use super::{to_duration, to_mode, to_block_id, to_u256, to_pending_set, to_address, to_addresses, to_price, geth_ipc_path, to_bootnodes, password_from_file};
 
 	#[test]
 	fn test_to_duration() {
@@ -380,6 +384,14 @@ mod tests {
 		);
 	}
 
+	#[test]
+	fn test_password() {
+		let path = RandomTempPath::new();
+		let mut file = File::create(path.as_path()).unwrap();
+		file.write_all(b"a bc ").unwrap();
+		assert_eq!(password_from_file(path).unwrap().as_bytes(), b"a bc");
+	}
+
 	#[test]
 	#[cfg_attr(feature = "dev", allow(float_cmp))]
 	fn test_to_price() {