Bug #2503: one.user.passwd should not accept whitespaces as a new password - OpenNebula - OpenNebula Development pages

Bug #2503

one.user.passwd should not accept whitespaces as a new password

Added by Daniel Molina over 7 years ago. Updated over 7 years ago.

Status:

Closed

Start date:

11/27/2013

Priority:

Normal

Due date:

Assignee:

Carlos Martín

% Done:

Category:

Core & System

Target version:

Release 4.6

Resolution:

fixed

Pull request:

https://github.com/OpenNebula/one/pull/16

Affected Versions:

OpenNebula 4.4

0001-Bug-2503-Improve-setting-of-password-auth_driver.patch - patch (4.33 KB) Jens Hoffmann, 12/11/2013 11:02 PM

Associated revisions

Revision 0a3ba8ac
Added by Jens Hoffmann over 7 years ago

Bug #2503: Improve setting of password/auth_driver

UserChangePassword followed this strategy:
a1. Eventually encrypt user password if the users
auth_driver is CORE_AUTH
a2. Set (probably encrypted) password with
User::set_password
a3. User::set_password tries to validate (probably
encrypted) password instead of the raw password

UserChangeAuth did something similar:
b1. If password is given (not empty) do a1 through a3
b2. Set auth_driver

The change proposes the following: * In set_password:
1. Validate the raw password
2. Do encryption if needed * In UserChangePassword: simply call set_password * In UserChangeAuth: set auth_driver before calling
set_password, such that set_password does the right thing
if the auth_driver changes

Note: I needed to move the implementation of set_password
from User.h to User.cc since it seems impossible to access
UserPool::CORE_AUTH from within User.h.

Revision 2e8dc65f
Added by Carlos Martín over 7 years ago

Bug #2503: Add rollback in case of error