From 209bcb0b98daf7edbea2c7428f6fe5f109e74e49 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Mon, 26 Sep 2011 08:27:01 +0200
Subject: Work around pkisilent bugs.

Check directory manager password and certificate subject base for
invalid characters.
(https://bugzilla.redhat.com/show_bug.cgi?id=658641)

Shell-escape pkisilent command-line arguments.
(https://bugzilla.redhat.com/show_bug.cgi?id=741180)

ticket 1636
---
 install/tools/ipa-server-install | 31 +++++++++++++++++++++++++------
 1 file changed, 25 insertions(+), 6 deletions(-)

(limited to 'install/tools')

diff --git a/install/tools/ipa-server-install b/install/tools/ipa-server-install
index 36efd2b82..cf00d5fac 100755
--- a/install/tools/ipa-server-install
+++ b/install/tools/ipa-server-install
@@ -40,7 +40,7 @@ from ConfigParser import RawConfigParser
 import random
 import tempfile
 import nss.error
-from optparse import OptionGroup
+from optparse import OptionGroup, OptionValueError
 
 from ipaserver.install import dsinstance
 from ipaserver.install import krbinstance
@@ -92,15 +92,31 @@ def subject_callback(option, opt_str, value, parser):
     """
     name = opt_str.replace('--','')
     v = unicode(value, 'utf-8')
+    if any(ord(c) < 0x20 for c in v):
+        raise OptionValueError("Subject base must not contain control characters")
+    if '&' in v:
+        raise OptionValueError("Subject base must not contain an ampersand (\"&\")")
     try:
         dn = DN(v)
         for rdn in dn:
             if rdn.attr.lower() not in VALID_SUBJECT_ATTRS:
-                raise ValueError('invalid attribute: %s' % rdn.attr)
+                raise OptionValueError('invalid attribute: %s' % rdn.attr)
     except ValueError, e:
-        raise ValueError('Invalid subject base format: %s' % str(e))
+        raise OptionValueError('Invalid subject base format: %s' % str(e))
     parser.values.subject = str(dn) # may as well normalize it
 
+def validate_dm_password(password):
+    if len(password) < 8:
+        raise ValueError("Password must be at least 8 characters long")
+    if any(ord(c) < 0x20 for c in password):
+        raise ValueError("Password must not contain control characters")
+    if ' ' in password:
+        raise ValueError("Password must not contain a space (\" \")")
+    if '&' in password:
+        raise ValueError("Password must not contain an ampersand (\"&\")")
+    if '\\' in password:
+        raise ValueError("Password must not contain a backslash (\"\\\")")
+
 def parse_options():
     # Guaranteed to give a random 200k range below the 2G mark (uint32_t limit)
     namespace = random.randint(1, 10000) * 200000
@@ -204,8 +220,11 @@ def parse_options():
     options, args = parser.parse_args()
     safe_options = parser.get_safe_opts(options)
 
-    if options.dm_password is not None and len(options.dm_password) < 8:
-        parser.error("DS admin password must be at least 8 characters long")
+    if options.dm_password is not None:
+        try:
+            validate_dm_password(options.dm_password)
+        except ValueError, e:
+            parser.error("DS admin password: " + str(e))
     if options.admin_password is not None and len(options.admin_password) < 8:
         parser.error("Admin user password must be at least 8 characters long")
 
@@ -417,7 +436,7 @@ def read_dm_password():
     print "The password must be at least 8 characters long."
     print ""
     #TODO: provide the option of generating a random password
-    dm_password = read_password("Directory Manager")
+    dm_password = read_password("Directory Manager", validator=validate_dm_password)
     return dm_password
 
 def read_admin_password():
-- 
cgit