Fixing #1920 - user passwords no longer allow ':'

I wanted to include a snide remark in the error, but... Now you just get an exception when creating the user if the password includes this character. Signed-off-by: Luke Kanies <luke@madstop.com>
author: Luke Kanies <luke@madstop.com> 2009-02-10 14:25:22 -0600
committer: James Turnbull <james@lovedthanlost.net> 2009-02-11 08:35:11 +1100
commit: db05c00af042cce1f09640071706efbc82742a01 (patch)
tree: 06f517aa5348537c368ebb770a5c45801167292b
parent: aa219e76b15a543c0091b83efbb13a711d657287 (diff)
download: puppet-db05c00af042cce1f09640071706efbc82742a01.tar.gz
puppet-db05c00af042cce1f09640071706efbc82742a01.tar.xz
puppet-db05c00af042cce1f09640071706efbc82742a01.zip
3 files changed, 17 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 55915c243..438d97ef5 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,8 +1,16 @@
-0.25.x
+0.24.8
+    Added README.rst file
+
+    Enhancements to Stored Configuration performance
+
+    Added Reductive Labs build library to tasks directory
+
     Fixed #1852 - Correct behaviour when no SELinux bindings
  
     Updated Red Hat spec file 0.24.7
 
+    Fixed #1920 - Shadow password corruption 
+
 0.24.7
     Fixed #1804 - Added VDev and MultiVDev properties to the ZPool type
 
diff --git a/lib/puppet/type/user.rb b/lib/puppet/type/user.rb
index 9e32c89ae..e6b16a9ac 100755
--- a/lib/puppet/type/user.rb
+++ b/lib/puppet/type/user.rb
@@ -142,6 +142,10 @@ module Puppet
         newproperty(:password, :required_features => :manages_passwords) do
             desc "The user's password, in whatever encrypted format the local machine requires. Be sure to enclose any value that includes a dollar sign ($) in single quotes (\')."
 
+            validate do |value|
+                raise ArgumentError, "Passwords cannot include ':'" if value.include?(":")
+            end
+
             def change_to_s(currentvalue, newvalue)
                 if currentvalue == :absent
                   return "created password"
diff --git a/spec/unit/type/user.rb b/spec/unit/type/user.rb
index de04371ed..0b1f5f9f7 100755
--- a/spec/unit/type/user.rb
+++ b/spec/unit/type/user.rb
@@ -40,6 +40,10 @@ describe user do
         it "should have a valid provider" do
             user.create(:name => "foo").provider.class.ancestors.should be_include(Puppet::Provider)
         end
+
+        it "should fail if a ':' is included in the password" do
+            lambda { user.create(:name => "foo", :password => 'some:thing') }.should raise_error(Puppet::Error)
+        end
     end
 
     properties = [:ensure, :uid, :gid, :home, :comment, :shell, :password, :groups, :roles, :auths, :profiles, :project, :keys]
author	Luke Kanies <luke@madstop.com>	2009-02-10 14:25:22 -0600
committer	James Turnbull <james@lovedthanlost.net>	2009-02-11 08:35:11 +1100
commit	db05c00af042cce1f09640071706efbc82742a01 (patch)
tree	06f517aa5348537c368ebb770a5c45801167292b
parent	aa219e76b15a543c0091b83efbb13a711d657287 (diff)
download	puppet-db05c00af042cce1f09640071706efbc82742a01.tar.gz puppet-db05c00af042cce1f09640071706efbc82742a01.tar.xz puppet-db05c00af042cce1f09640071706efbc82742a01.zip