Passwords cannot contain certain special characters
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenSRF |
Won't Fix
|
Medium
|
Unassigned |
Bug Description
I set up OpenSRF, as per the wiki, and used the opensrf ejabber user on private.localhost and public.localhost witht he following passwords (respectively): 0P3N$RF, 0p3n$rf
When starting Opensrf (osrf_ctl.sh -l -a start_all), it failed on the perl module with an error saying that it could not connect to the ejabber service. I received a concatenation error in Client.pm on line 152.
The password special character (i.e. $) was not escaped.
Changing this to pure alphanumeric corrected the problem.
Maybe a password validation rule to escapes special charcaters? I have not tested to see if escaping a special character in the opensrf_core.xml file works. I will do this when I get my system operational...
This appears to be a problem with ejabberdctl passing input on to erl; it is not escaping input correctly, so your passwords were likely created as "0P3N" and "0p3n".
I opened https:/ /support. process- one.net/ browse/ EJAB-1399 against ejabberd accordingly.
If you want to register a password using ejabberdctl with special shell characters until such time as that bug is resolved, the workaround is to specify a double-escaped character at the command line, e.g.
0P3N\\\\$RF