go/rclone
1
0
Fork 0
mirror of https://github.com/rclone/rclone.git synced 2025-01-13 20:38:12 +02:00
Code Issues Releases Activity

allow trailing+leading whitespace for passwords - #1717

Browse Source 
warn users when they enter passwords with leading/trailing whitespaces

Updated config_test.go, removing deprecated test case and updated TestReveal
This commit is contained in:
ishuah 2017-10-19 14:36:12 +03:00 committed by Nick Craig-Wood
parent d121a94c20
commit 10f27e2ff2
3 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
fs/config.go
View File

@ -551,11 +551,15 @@ func checkPassword(password string) (string, error) {
if !utf8.ValidString(password) { if !utf8.ValidString(password) {
return "", errors.New("password contains invalid utf8 characters") return "", errors.New("password contains invalid utf8 characters")
} }
// Remove leading+trailing whitespace // Check for leading/trailing whitespace
password = strings.TrimSpace(password) trimmedPassword := strings.TrimSpace(password)
// Warn user if password has leading+trailing whitespace
if len(password) != len(trimmedPassword) {
fmt.Fprintln(os.Stderr, "Your password contains leading/trailing whitespace - in previous versions of rclone this was stripped")
}
// Normalize to reduce weird variations. // Normalize to reduce weird variations.
password = norm.NFKC.String(password) password = norm.NFKC.String(password)
if len(password) == 0 { if len(password) == 0 || len(trimmedPassword) == 0 {
return "", errors.New("no characters in password") return "", errors.New("no characters in password")
} }
return password, nil return password, nil

3
fs/config_read_password.go
View File

@ -10,7 +10,6 @@ import (
"fmt" "fmt"
"log" "log"
"os" "os"
"strings"
"golang.org/x/crypto/ssh/terminal" "golang.org/x/crypto/ssh/terminal"
) )
@ -22,5 +21,5 @@ func ReadPassword() string {
if err != nil { if err != nil {
log.Fatalf("Failed to read password: %v", err) log.Fatalf("Failed to read password: %v", err)
} }
return strings.TrimSpace(string(line)) return string(line)
} }

9
fs/config_test.go
View File

@ -107,9 +107,9 @@ func TestReveal(t *testing.T) {
in string in string
wantErr string wantErr string
}{ }{
{"YmJiYmJiYmJiYmJiYmJiYp*gcEWbAw", "base64 decode failed: illegal base64 data at input byte 22"}, {"YmJiYmJiYmJiYmJiYmJiYp*gcEWbAw", "base64 decode failed when revealing password - is it obscured?: illegal base64 data at input byte 22"},
{"aGVsbG8", "input too short"}, {"aGVsbG8", "input too short when revealing password - is it obscured?"},
{"", "input too short"}, {"", "input too short when revealing password - is it obscured?"},
} { } {
gotString, gotErr := Reveal(test.in) gotString, gotErr := Reveal(test.in)
assert.Equal(t, "", gotString) assert.Equal(t, "", gotString)
@ -203,9 +203,6 @@ func TestPassword(t *testing.T) {
// Simple check of wrong passwords // Simple check of wrong passwords
hashedKeyCompare(t, "mis", "match", false) hashedKeyCompare(t, "mis", "match", false)
// Check that passwords match with trimmed whitespace
hashedKeyCompare(t, " abcdef \t", "abcdef", true)
// Check that passwords match after unicode normalization // Check that passwords match after unicode normalization
hashedKeyCompare(t, "ff\u0041\u030A", "ffÅ", true) hashedKeyCompare(t, "ff\u0041\u030A", "ffÅ", true)