x/packstack
Code Issues Proposed changes

Properly quote RHN passwords

Browse Source 
some characters were causing probems e.g. | and '
https://bugzilla.redhat.com/show_bug.cgi?id=903502

Change-Id: I092725f4022f61941257118eb06a6fa898797094
This commit is contained in:
Derek Higgins
2013-01-28 12:37:43 -05:00
parent 70e197a22e
commit 6ee75cf809
4 changed files with 69 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packstack/installer/common_utils.py
View File

@@ -171,6 +171,9 @@ def _maskString(string, maskList=[]):
for maskItem in maskList: for maskItem in maskList:
if not maskItem: continue if not maskItem: continue
maskedStr = maskedStr.replace(maskItem, "*"*8) maskedStr = maskedStr.replace(maskItem, "*"*8)
# if looking at stderr of a script, single quotes have been converted
# to '\''
maskedStr = maskedStr.replace(maskItem.replace("'","'\\''"), "*"*8)
return maskedStr return maskedStr

5
packstack/plugins/serverprep_901.py
View File

@@ -128,12 +128,13 @@ def serverprep():
# Subscribe to Red Hat Repositories if configured # Subscribe to Red Hat Repositories if configured
RH_USERNAME = controller.CONF["CONFIG_RH_USERNAME"].strip() RH_USERNAME = controller.CONF["CONFIG_RH_USERNAME"].strip()
RH_PASSWORD = controller.CONF["CONFIG_RH_PASSWORD"].strip()
if RH_USERNAME: if RH_USERNAME:
server.append("subscription-manager register --username=%s --password=%s --autosubscribe || true" % (RH_USERNAME, controller.CONF["CONFIG_RH_PASSWORD"].strip())) server.append("subscription-manager register --username=\"%s\" --password=\"%s\" --autosubscribe || true" % (RH_USERNAME, RH_PASSWORD.replace('"','\\"')))
server.append("subscription-manager list --consumed | grep -i openstack || " server.append("subscription-manager list --consumed | grep -i openstack || "
"subscription-manager subscribe --pool $(subscription-manager list --available | grep -e 'Red Hat OpenStack' -m 1 -A 2 | grep 'Pool Id' | awk '{print $3}')") "subscription-manager subscribe --pool $(subscription-manager list --available | grep -e 'Red Hat OpenStack' -m 1 -A 2 | grep 'Pool Id' | awk '{print $3}')")
server.append("yum clean all") server.append("yum clean all")
server.append("yum-config-manager --enable rhel-server-ost-6-folsom-rpms") server.append("yum-config-manager --enable rhel-server-ost-6-folsom-rpms")
server.append("yum clean metadata") server.append("yum clean metadata")
server.execute(maskList=[controller.CONF["CONFIG_RH_PASSWORD"].strip()]) server.execute(maskList=[controller.CONF["CONFIG_RH_PASSWORD"]])

22
tests/test.py
View File

@@ -17,14 +17,36 @@
import shutil import shutil
import tempfile import tempfile
import subprocess
from unittest import TestCase from unittest import TestCase
class fakePopen(object):
def __init__(self, returncode=0):
self.returncode = returncode
self.stdout = self.stderr = self.data = ""
def __call__(self, *args, **kwargs):
self.args = args
self.kwargs = kwargs
return self
def communicate(self, data):
self.data += data
return self.stdout, self.stderr
class TestCase(TestCase): class TestCase(TestCase):
def setUp(self): def setUp(self):
# Creating a temp directory that can be used by tests # Creating a temp directory that can be used by tests
self.tempdir = tempfile.mkdtemp() self.tempdir = tempfile.mkdtemp()
# some plugins call popen, we're replacing it for tests
self._Popen = subprocess.Popen
self.fakePopen = subprocess.Popen = fakePopen()
def tearDown(self): def tearDown(self):
# remove the temp directory # remove the temp directory
shutil.rmtree(self.tempdir) shutil.rmtree(self.tempdir)
subprocess.Popen = self._Popen

41
tests/test_plugin_serverprep.py Normal file
View File

@@ -0,0 +1,41 @@
# vim: tabstop=4 shiftwidth=4 softtabstop=4
# Copyright 2013, Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
from test import TestCase
from packstack.plugins import serverprep_901
from packstack.installer.setup_controller import Controller
serverprep_901.controller = Controller()
class OSPluginUtilsTestCase(TestCase):
def test_rhn_creds_quoted(self):
"""Make sure RHN password is quoted"""
password = "dasd|'asda%><?"
serverprep_901.controller.CONF["CONFIG_KEYSTONE_HOST"] = "1.2.3.4"
serverprep_901.controller.CONF["CONFIG_USE_EPEL"] = "n"
serverprep_901.controller.CONF["CONFIG_REPO"] = ""
serverprep_901.controller.CONF["CONFIG_RH_USERNAME"] = "testuser"
serverprep_901.controller.CONF["CONFIG_RH_PASSWORD"] = password
serverprep_901.serverprep()
self.assertNotEqual(
self.fakePopen.data.find('--password="%s"' % password), -1
)