calcurse-caldav: Support PasswordCommand option

This commit adds a new `Auth/PasswordCommand` option
to support security best practices re: handling secrets
in CLI program configuration.

Prior to this commit, the two available options
for specifying a password were:

  1. via the `Auth/Password` config parameter, or
  2. via a `$CALCURSE_CALDAV_PASSWORD` environment variable.

The former is unsafe for obvious reasons;
the latter is unsafe because as long as the script is running,
its environment can be accessed via

    $ cat /proc/<pid>/environ

and is thus visible to anyone with access to the system.

This commit preserves preexisting behavior (for backward compatibility)
but removes all mention of option 2 from the README.
Since the README example for option 2 used a password command anyway,
there is little reason to continue its use,
and this commit recommends it be deprecated.

Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>

1 files changed, 5 insertions, 3 deletions

diff --git a/contrib/caldav/config.sample b/contrib/caldav/config.sample
index e2c6c2d..0ba8fa8 100644
--- a/contrib/caldav/config.sample
+++ b/contrib/caldav/config.sample
@@ -48,11 +48,13 @@ DryRun = Yes
 # Enable this if you want detailed logs written to stdout.
 Verbose = Yes
 
-# Credentials for HTTP Basic Authentication. Leave this commented out if you do
-# not want to use authentication.
+# Credentials for HTTP Basic Authentication (if required).
+# Set `Password` to your password in plaintext (unsafe),
+# or `PasswordCommand` to a shell command that retrieves it (recommended).
 #[Auth]
 #Username = user
-#Password = pass
+#Password = password
+#PasswordCommand = pass baikal
 
 # Optionally specify additional HTTP headers here.
 #[CustomHeaders]