Properly quote RHN passwords

some characters were causing probems e.g. | and '
https://bugzilla.redhat.com/show_bug.cgi?id=903502

Change-Id: I092725f4022f61941257118eb06a6fa898797094

packstack/installer/common_utils.py

@@ -171,6 +171,9 @@ def _maskString(string, maskList=[]):
     for maskItem in maskList:
         if not maskItem: continue
         maskedStr = maskedStr.replace(maskItem, "*"*8)
+        # if looking at stderr of a script, single quotes have been converted
+        # to '\''
+        maskedStr = maskedStr.replace(maskItem.replace("'","'\\''"), "*"*8)
 
     return maskedStr
 

packstack/plugins/serverprep_901.py

@@ -128,12 +128,13 @@ def serverprep():
 
         # Subscribe to Red Hat Repositories if configured
         RH_USERNAME = controller.CONF["CONFIG_RH_USERNAME"].strip()
+        RH_PASSWORD = controller.CONF["CONFIG_RH_PASSWORD"].strip()
         if RH_USERNAME:
-            server.append("subscription-manager register --username=%s --password=%s --autosubscribe || true" % (RH_USERNAME, controller.CONF["CONFIG_RH_PASSWORD"].strip()))
+            server.append("subscription-manager register --username=\"%s\" --password=\"%s\" --autosubscribe || true" % (RH_USERNAME, RH_PASSWORD.replace('"','\\"')))
             server.append("subscription-manager list --consumed | grep -i openstack || "
                           "subscription-manager subscribe --pool $(subscription-manager list --available | grep -e 'Red Hat OpenStack' -m 1 -A 2 | grep 'Pool Id' | awk '{print $3}')")
             server.append("yum clean all")
             server.append("yum-config-manager --enable rhel-server-ost-6-folsom-rpms")
 
         server.append("yum clean metadata")
-        server.execute(maskList=[controller.CONF["CONFIG_RH_PASSWORD"].strip()])
+        server.execute(maskList=[controller.CONF["CONFIG_RH_PASSWORD"]])

tests/test.py

@@ -17,14 +17,36 @@
 import shutil
 import tempfile
 
+import subprocess
 from unittest import TestCase
 
 
+class fakePopen(object):
+    def __init__(self, returncode=0):
+        self.returncode = returncode
+        self.stdout = self.stderr = self.data = ""
+
+    def __call__(self, *args, **kwargs):
+        self.args = args
+        self.kwargs = kwargs
+        return self
+
+    def communicate(self, data):
+        self.data += data
+        return self.stdout, self.stderr
+
+
 class TestCase(TestCase):
     def setUp(self):
         # Creating a temp directory that can be used by tests
         self.tempdir = tempfile.mkdtemp()
 
+        # some plugins call popen, we're replacing it for tests
+        self._Popen = subprocess.Popen
+        self.fakePopen = subprocess.Popen = fakePopen()
+
     def tearDown(self):
         # remove the temp directory
         shutil.rmtree(self.tempdir)
+
+        subprocess.Popen = self._Popen

tests/test_plugin_serverprep.py

@@ -0,0 +1,41 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+import os
+from test import TestCase
+
+from packstack.plugins import serverprep_901
+from packstack.installer.setup_controller import Controller
+
+serverprep_901.controller = Controller()
+
+
+class OSPluginUtilsTestCase(TestCase):
+    def test_rhn_creds_quoted(self):
+        """Make sure RHN password is quoted"""
+
+        password = "dasd|'asda%><?"
+        serverprep_901.controller.CONF["CONFIG_KEYSTONE_HOST"] = "1.2.3.4"
+        serverprep_901.controller.CONF["CONFIG_USE_EPEL"] = "n"
+        serverprep_901.controller.CONF["CONFIG_REPO"] = ""
+        serverprep_901.controller.CONF["CONFIG_RH_USERNAME"] = "testuser"
+        serverprep_901.controller.CONF["CONFIG_RH_PASSWORD"] = password
+
+        serverprep_901.serverprep()
+
+        self.assertNotEqual(
+            self.fakePopen.data.find('--password="%s"' % password), -1
+        )