Passwords cannot contain certain special characters
Bug #714694 reported by
Dale Neimeier
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| OpenSRF |
Won't Fix
|
Medium
|
Unassigned | ||
Bug Description
I set up OpenSRF, as per the wiki, and used the opensrf ejabber user on private.localhost and public.localhost witht he following passwords (respectively): 0P3N$RF, 0p3n$rf
When starting Opensrf (osrf_ctl.sh -l -a start_all), it failed on the perl module with an error saying that it could not connect to the ejabber service. I received a concatenation error in Client.pm on line 152.
The password special character (i.e. $) was not escaped.
Changing this to pure alphanumeric corrected the problem.
Maybe a password validation rule to escapes special charcaters? I have not tested to see if escaping a special character in the opensrf_core.xml file works. I will do this when I get my system operational...
Revision history for this message
| Dan Scott (denials) wrote | #1 |
| Changed in opensrf: | |
| importance: | Undecided → Medium |
| status: | New → Confirmed |
Revision history for this message
| Dan Scott (denials) wrote | #2 |
| Changed in opensrf: | |
| status: | Confirmed → Won't Fix |
To post a comment you must log in.
This appears to be a problem with ejabberdctl passing input on to erl; it is not escaping input correctly, so your passwords were likely created as "0P3N" and "0p3n".
I opened https:/
If you want to register a password using ejabberdctl with special shell characters until such time as that bug is resolved, the workaround is to specify a double-escaped character at the command line, e.g.
0P3N\\\\$RF