Yedidyah Bar David has uploaded a new change for review. Change subject: packaging: setup: Fail if db credentials contain quotes ......................................................................
packaging: setup: Fail if db credentials contain quotes Also prevent '\', '#', '$', and also prevent them in the dwh db user password. Bug-Url: https://bugzilla.redhat.com/1052202 Change-Id: Id385fd2dc8c84c165289835a2724988ea320aa19 Signed-off-by: Yedidyah Bar David <d...@redhat.com> --- M packaging/ovirt-engine-dwh-setup.py 1 file changed, 21 insertions(+), 1 deletion(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-dwh refs/changes/64/24464/1 diff --git a/packaging/ovirt-engine-dwh-setup.py b/packaging/ovirt-engine-dwh-setup.py index 690b3df..c792b4b 100755 --- a/packaging/ovirt-engine-dwh-setup.py +++ b/packaging/ovirt-engine-dwh-setup.py @@ -68,6 +68,8 @@ OVIRT_UID = pwd.getpwnam('ovirt')[2] OVIRT_GID = grp.getgrnam('ovirt')[2] +INVALID_PASSWORD_CHARS = '"\\$#' + # DB messages DB_FILE = ( "The DB was backed up as '{dbfile}'" @@ -203,6 +205,11 @@ print "Cannot accept an empty password" return getPassFromUser(prompt) + for c in INVALID_PASSWORD_CHARS: + if c in userInput: + print "Password must not contain [%s]" % c + return getPassFromUser(prompt) + if validate: try: cracklib.FascistCheck(userInput) 
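Review bot: `INVALID_PASSWORD_CHARS` in the first hunk has no comment saying why these four characters are rejected, and its name says "password" although the last hunk of this patch applies the same set to every db credential returned by `handler.getParam`. The subject promises that quotes are rejected, but only `"` is in the set; if whatever parses the stored credentials also gives `'` or a backtick a special meaning, those would still pass, so this is worth confirming against that consumer. I would add a comment above the constant such as `# Characters rejected in db credentials (new passwords and values read back from the credentials file)`, plus a word on which parser dictates the set.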
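Review bot: The retry added in the second hunk, `return getPassFromUser(prompt)`, calls the function again without `validate`, so the caller's choice for that flag appears to be lost after the first rejected password; the empty-password branch just above it has the same pattern. The signature is outside the hunk, so this assumes `validate` is a parameter; if it is, then depending on its default a retry could skip the cracklib strength check, and `return getPassFromUser(prompt, validate=validate)` keeps the check consistent across retries. The message also names only the first offending character, so a user may need several rounds; `print "Password must not contain any of: %s" % INVALID_PASSWORD_CHARS` reports the whole set at once.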
@@ -272,7 +279,20 @@ ): s = handler.getParam(v) if s is not None: - db_dict[k] = s.strip('"') + if s[0]=='"' and s[-1]=='"': + s = s[1:-1] + for c in INVALID_PASSWORD_CHARS: + if c in s: + logging.debug( + 'invalid chars: {file}:{param}'.format( + file=file, + param=v, + ) + ) + msg = 'invalid character found in db credentials' + print msg + raise RuntimeError(msg) + db_dict[k] = s handler.close() return db_dict -- To view, visit http://gerrit.ovirt.org/24464 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Id385fd2dc8c84c165289835a2724988ea320aa19 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-dwh Gerrit-Branch: ovirt-3.3 Gerrit-Owner: Yedidyah Bar David <d...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
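Review bot: `s[0]=='"'` raises IndexError when `handler.getParam(v)` returns an empty string, which the `is not None` guard does not exclude and which the removed `s.strip('"')` handled. A value consisting of a single `"` also satisfies both comparisons and is silently turned into an empty credential instead of being rejected. `if len(s) >= 2 and s[0] == '"' and s[-1] == '"':` covers both cases, because a lone quote then falls through to the invalid-character check. The debug line rightly logs only the parameter name and not the value, but `file` in `file=file` is not defined inside the hunk, so check that it is the config path and not the Python 2 builtin. The enclosing function starts outside the hunk.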