cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Brian Epstein <bepstein AT ias.edu>
- To: cat-users AT geant.net
- Subject: Re: [cat-users] Linux installer woes with single quotes in password
- Date: Tue, 25 Nov 2014 17:57:37 -0500
- List-archive: <http://mail.geant.net/pipermail/cat-users/>
- List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Thanks Tomasz, I tested every other special character on the
US/English keyboard I had, and only the single quote failed.
Here are the characters I tried.
`1234567890-=[]\;',./~!@#$%^&*()_+{}|:"<>?
Thanks,
ep
On 11/25/2014 04:18 PM, Tomasz Wolniewicz wrote:
> Thank you, some special characters can indeed be a problem, thank
> you for spotting this. The only other installer where we ask for
> the user's password is Windows but there we base64 encode it to
> avoid such problems. In Linux single quotes can of course be a
> problem, but possibly backslashes can too, to we need to do some
> more testing.
>
> Yours Tomasz
>
>
>
> W dniu 25.11.2014, 22:06, Brian Epstein pisze: All,
>
> We were having an issue with one particular user and the CAT
> installer for Linux. We suspect that they may have a single quote
> in their password.
>
> Our testing showed that passwords with single quotes would break
> the installer. I wrote a quick patch that modifies the PASSWORD
> variable just before it is used for the inline python script in
> the run_python_script function.
>
> It basically replaces any single quotes with an escaped single
> quote which Python accepts.
>
> PASSWORD=$( echo "$PASSWORD" | sed "s/'/\\\'/g" )
>
> I've tested this and it seems to work fine.
>
> I'm attaching the patch in case it helps you. Obviously,
> everyone's installer will apply the patch on a different line due
> to certificate size and customization, but you get the general idea
> of where it goes.
>
> Any idea if this affects other OS/installers?
>
> Thanks, ep
>
> -- Brian Epstein
> <bepstein AT ias.edu>
> +1
> 609-734-8179 Manager, Network and Security Institute for
> Advanced Study Key fingerprint = 128A 38F4 4CFA 5EDB 99CE 4734
> 6117 4C25 0371 C12A
>
- --
Brian Epstein
<bepstein AT ias.edu>
+1 609-734-8179
Manager, Network and Security Institute for Advanced Study
Key fingerprint = 128A 38F4 4CFA 5EDB 99CE 4734 6117 4C25 0371 C12A
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlR1CWEACgkQYRdMJQNxwSqMJQCeJoLM+wGlpyZrmrNkeImqp4QF
qooAoMlqN+44BKgV9k7tEDQlPHD8eKEz
=6u5M
-----END PGP SIGNATURE-----
- [cat-users] Linux installer woes with single quotes in password, Brian Epstein, 11/25/2014
- Re: [cat-users] Linux installer woes with single quotes in password, Tomasz Wolniewicz, 11/25/2014
- Re: [cat-users] Linux installer woes with single quotes in password, Brian Epstein, 11/25/2014
- Re: [cat-users] Linux installer woes with single quotes in password, Alan Buxey, 11/25/2014
- Re: [cat-users] Linux installer woes with single quotes in password, Tomasz Wolniewicz, 11/25/2014
Archive powered by MHonArc 2.6.19.