Bug #999
Some allowed characters for usernames and passwords break the core-auth mad protocol
Status: | Closed | Start date: | 11/22/2011 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Carlos Martín | % Done: | 0% | |
Category: | Drivers - Auth | |||
Target version: | Release 3.2 - Beta1 | |||
Resolution: | fixed | Pull request: | ||
Affected Versions: | OpenNebula 3.2 |
Description
For instance, for user with name "ab|c" OpenNebula will call the authentication driver with this command:
/var/lib/one/remotes/auth/x509/authenticate ab|c /C=ES/ST=MAD/O=ONE/OU=DEV/CN=Test:with:quotes: ckp1e[...]tLQo= ERROR MESSAGE --8<------ undefined method `unpack' for nil:NilClass ERROR MESSAGE ------>8-- c: command not found
If the name is quoted, it works:
$ /var/lib/one/remotes/auth/x509/authenticate "ab|c" /C=ES/ST=MAD/O=ONE/OU=DEV/CN=Test:with:quotes: ckp1e[...]tLQo= $ echo $? 0
The pipe character is used in the password filed of users with x509 authentication to separate several DNs.
Associated revisions
Bug #999: Enclose auth driver scripts paramenters in single quotes. Quotes inside the parameters are escaped
Bug #999: Enclose auth driver scripts paramenters in single quotes. Quotes inside the parameters are escaped
(cherry picked from commit 2e508eb3396898a3b679e5f652c4cf4894cd085c)
Conflicts:
src/authm_mad/one_auth_mad.rb
History
#1 Updated by Ruben S. Montero over 9 years ago
- Target version changed from Release 3.4 to Release 3.2 - Beta1
#2 Updated by Ruben S. Montero over 9 years ago
- Status changed from New to Closed
- Assignee set to Carlos Martín
- Resolution set to fixed