save QGIS_AUTH_PASSWORD_FILE before FCGI_Accept() destroys it

2025-10-16 00:05:45 -04:00 · 2024-11-27 00:03:20 +01:00 · 2024-11-27 00:03:20 +01:00 · 6302af30a3
commit 6302af30a3
parent ff6e7551f2
1 changed files with 20 additions and 10 deletions
--- a/src/core/auth/qgsauthmanager.cpp
+++ b/src/core/auth/qgsauthmanager.cpp
@ -200,6 +200,8 @@ bool QgsAuthManager::ensureInitialized() const
  return mLazyInitResult;
 }

+static char *sPassFileEnv = nullptr;
+
 bool QgsAuthManager::initPrivate( const QString &pluginPath )
 {
  if ( mAuthInit )
@ -314,17 +316,11 @@ bool QgsAuthManager::initPrivate( const QString &pluginPath )
  initSslCaches();
 #endif
  // set the master password from first line of file defined by QGIS_AUTH_PASSWORD_FILE env variable
-  const char *passenv = "QGIS_AUTH_PASSWORD_FILE";
-  if ( getenv( passenv ) && masterPasswordHashInDatabase() )
+  if ( sPassFileEnv && masterPasswordHashInDatabase() )
  {
-    QString passpath( getenv( passenv ) );
-    // clear the env variable, so it can not be accessed from plugins, etc.
-    // (note: stored QgsApplication::systemEnvVars() skips this env variable as well)
-#ifdef Q_OS_WIN
-    putenv( passenv );
-#else
-    unsetenv( passenv );
-#endif
+    QString passpath( sPassFileEnv );
+    free( sPassFileEnv );
+    sPassFileEnv = nullptr;

    QString masterpass;
    QFile passfile( passpath );
@ -368,6 +364,20 @@ void QgsAuthManager::setup( const QString &pluginPath, const QString &authDataba
 {
  mPluginPath = pluginPath;
  mAuthDatabaseConnectionUri = authDatabasePath;
+
+  const char *p = getenv( "QGIS_AUTH_PASSWORD_FILE" );
+  if ( p )
+  {
+    sPassFileEnv = qstrdup( p );
+
+    // clear the env variable, so it can not be accessed from plugins, etc.
+    // (note: stored QgsApplication::systemEnvVars() skips this env variable as well)
+#ifdef Q_OS_WIN
+    putenv( "QGIS_AUTH_PASSWORD_FILE" );
+#else
+    unsetenv( "QGIS_AUTH_PASSWORD_FILE" );
+#endif
+  }
 }

 bool QgsAuthManager::isDisabled() const