caddyauth: Fix hash-password broken terminal state on SIGINT

[francislavoie]

If you run caddy hash-password then hit ^C to interrupt, the terminal would get stuck in a broken state. Not good.

This fixes that by storing the state before starting to read passwords (which modifies the terminal state) and restores it if SIGINT is caught.

This also has the side-effect of avoiding the default cleanup handling from Caddy which prints out some log lines that aren't helpful in this situation, e.g.:

2020/05/15 14:52:47.348	INFO	shutting down	{"signal": "SIGINT"}
2020/05/15 14:52:47.349	ERROR	stopping admin endpoint	{"signal": "SIGINT", "error": "no admin server"}
2020/05/15 14:52:47.349	INFO	shutdown done	{"signal": "SIGINT"}

And also, I changed the prompts to be printed to STDERR instead of STDOUT, so now you can do caddy hash-password > hashed.txt and it works as expected.

/cc @0az FYI

[mholt]

Thanks for jumping on this!

The change to stderr is not necessary -- redirections should be with stdout by default, unless your terminal is messed up. Interactive prompts definitely need to be on stdout.

[francislavoie]

Big note: this PR now also moves the caddy.TrapSignals() call to inside the subcommands that it's relevant for instead of at the start of Main(). This could be a breaking change for plugins that add long-running commands.

/cc @lucaslorentz this is relevant to you. You'll need to add caddy.TrapSignals() at the top of your cmdFunc function for the docker-proxy subcommand once this PR is merged.

[mholt]

Thanks for reworking the TrapSignals calls.

The stderr thing is a bit weird but I'll let it slide since this is kind of a dusty corner of the code base that I don't expect will be used much anyway... and I guess it makes sense... sigh I hate shells.

[0az]

That's a python lib, it specifically recommends using stderr if the stdout output is useful, which is the case here. The stderr thing is a bit weird but I'll let it slide since this is kind of a dusty corner of the code base that I don't expect will be used much anyway... and I guess it makes sense... sigh I hate shells.

The getpass module is actually part of the Python stdlib: https://docs.python.org/3/library/getpass.html. The module docs say it defaults to /dev/tty, and falls back to stderr, so that's something that could get added in a following PR. This might be better than using stderr 100% of the time.

[francislavoie]

@0az if you want to make a PR for that, that'd be great. I feel out of my depth here, I just wanted to fix the terminal state getting clobbered.