Bug #3249

Backup data fails if CIFS password contains pipe character

Added by Giacomo Sanchietti almost 6 years ago. Updated almost 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-backup-data
Target version:v6.6
Security class: Resolution:
Affected version:v6.6-final NEEDINFO:No

Description

If the user wants to configure a data backup using a CIFS share, he/she can't use a pipe character inside the password field.
The backup will fail and the key backup-data inside the configuration backup will be broken, if the password contains a pipe.

Steps to reproduce
  • Install nethserver-backup-data
  • Configure the backup using a CIFS/SMB share
  • Set a password containing a pipe chapter
    Or use this command:
    config setprop backup-data SMBPassword 'mybad|pass'
    

Expected behavior
The backup should not fail.

Associated revisions

Revision 5f04a3a3
Added by Giacomo Sanchietti almost 6 years ago

Web UI: disallow pipe char in SMB password field. Refs #3249

History

#1 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from NEW to TRIAGED
  • Target version set to v6.6
  • % Done changed from 0 to 20
  • Affected version set to v6.6-final

Since there is no escape technique for the e-smith db (see https://github.com/NethServer/nethserver-lib/blob/master/lib/perl/esmith/DB/db/Record.pm), we should add a new validator inside the web interface.
The validator must NOT allow the use of the pipe character.

#2 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Giacomo Sanchietti
  • % Done changed from 20 to 30

#3 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

#4 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-backup-data-1.1.5-1.1.g5f04a3a.ns6.noarch.rpm
Test case
  • Try to configure a backup using a CIFS mount as destination
  • Set a password containing a pipe character
  • The web interface must raise a validation error

#5 Updated by dz0 0te almost 6 years ago

  • Assignee set to dz0 0te

#6 Updated by dz0 0te almost 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (dz0 0te)
  • % Done changed from 70 to 90

System and Package Version installed
VM KVM - Clean install of Nethserver 6.6 fully updated
Package Installed: nethserver-backup-data-1.1.5-1.ns6.noarch
Other Package installed: Backup,File server,Web server

Test Original Problem

Set a password containing a pipe chapter via webUI save as password only the chars before the pipe
Set a password containing a pipe chapter (via config setprop)
in both cases a
#config setprop backup-data SMBPassword
doesn't show the correct password with pipe, and force a backup via "backup-data":
Odd number of elements in hash assignment at /usr/share/perl5/vendor_perl/esmith/db.pm line 273.
Odd number of elements in hash assignment at /usr/share/perl5/vendor_perl/esmith/db.pm line 273.
the results is backup-data failed

Install Updated Package

yum --enablerepo=nethserver-testing update nethserver-backup-data-1.1.5-1.1.g5f04a3a.ns6

Test Results after install
Test case:
set a password without pipe
update
try to set a password with pipe in webUI

Password
The field can't contain a pipe "|" character

Verified or Reopen
Verified

Note
also if i had some problem replicating the original problem, installing new package gave me the correct results. So i've set it as Verified

#7 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-updates:
  • nethserver-backup-data-1.1.6-1.ns6.noarch.rpm

Also available in: Atom PDF