Rev 3429: Warn when ignoring ssh password in authentication.conf (#203186) in http://bazaar.launchpad.net/%7Evila/bzr/bzr.integration

Vincent Ladeuil v.ladeuil+lp at free.fr
Fri May 16 19:43:58 BST 2008


At http://bazaar.launchpad.net/%7Evila/bzr/bzr.integration

------------------------------------------------------------
revno: 3429
revision-id: v.ladeuil+lp at free.fr-20080516184329-jspuzitz6fhevxnm
parent: pqm at pqm.ubuntu.com-20080516112018-tcfzyuogltgboinn
parent: v.ladeuil+lp at free.fr-20080516183336-3jz7zixt676448r8
committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
branch nick: trunk
timestamp: Fri 2008-05-16 20:43:29 +0200
message:
  Warn when ignoring ssh password in authentication.conf (#203186)
modified:
  NEWS                           NEWS-20050323055033-4e00b5db738777ff
  bzrlib/config.py               config.py-20051011043216-070c74f4e9e338e8
  bzrlib/tests/test_config.py    testconfig.py-20051011041908-742d0c15d8d8c8eb
    ------------------------------------------------------------
    revno: 3420.1.4
    revision-id: v.ladeuil+lp at free.fr-20080516183336-3jz7zixt676448r8
    parent: v.ladeuil+lp at free.fr-20080516072422-d6rfj3lw8rmldvfy
    committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
    branch nick: 203186-warn-pass-for-ssh-auth
    timestamp: Fri 2008-05-16 20:33:36 +0200
    message:
      Fix comment.
    modified:
      bzrlib/tests/test_config.py    testconfig.py-20051011041908-742d0c15d8d8c8eb
    ------------------------------------------------------------
    revno: 3420.1.3
    revision-id: v.ladeuil+lp at free.fr-20080516072422-d6rfj3lw8rmldvfy
    parent: v.ladeuil+lp at free.fr-20080515222045-0ewqm6gk6f8s58zv
    committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
    branch nick: 203186-warn-pass-for-ssh-auth
    timestamp: Fri 2008-05-16 09:24:22 +0200
    message:
      John's review feedback.
      
      * bzrlib/tests/test_config.py:
      (TestAuthenticationConfig.test_ssh_without_password_doesnt_emit_warning):
      Ensure that no warning is emitted if no password is defined.
      
      * bzrlib/config.py:
      (AuthenticationConfig.get_password): Check that there is a
      password defined before warning the user.
    modified:
      bzrlib/config.py               config.py-20051011043216-070c74f4e9e338e8
      bzrlib/tests/test_config.py    testconfig.py-20051011041908-742d0c15d8d8c8eb
    ------------------------------------------------------------
    revno: 3420.1.2
    revision-id: v.ladeuil+lp at free.fr-20080515222045-0ewqm6gk6f8s58zv
    parent: v.ladeuil+lp at free.fr-20080512142928-b0x3ktxdriztye6h
    committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
    branch nick: 203186-warn-pass-for-ssh-auth
    timestamp: Fri 2008-05-16 00:20:45 +0200
    message:
      Fix bug #203186 by ignoring passwords for ssh and warning user.
      
      * bzrlib/tests/test_config.py:
      (TestAuthenticationConfig.test_ssh_password_emits_warning): Check
      that password is ignored and a warning issued.
      
      * bzrlib/config.py:
      (AuthenticationConfig.get_password): Ignore passwords for ssh
      schemes and warn user.
    modified:
      NEWS                           NEWS-20050323055033-4e00b5db738777ff
      bzrlib/config.py               config.py-20051011043216-070c74f4e9e338e8
      bzrlib/tests/test_config.py    testconfig.py-20051011041908-742d0c15d8d8c8eb
    ------------------------------------------------------------
    revno: 3420.1.1
    revision-id: v.ladeuil+lp at free.fr-20080512142928-b0x3ktxdriztye6h
    parent: pqm at pqm.ubuntu.com-20080509175237-wexvavsbk1x3qf38
    parent: pqm at pqm.ubuntu.com-20080512115743-6uz3lnmrrbhmoiqe
    committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
    branch nick: 203186-warn-pass-for-ssh-auth
    timestamp: Mon 2008-05-12 16:29:28 +0200
    message:
       merge bzr.dev to get other related fixes
    added:
      doc/developers/repository-stream.txt repositorystream.txt-20080410222511-nh6b9bvscvcerh48-1
    modified:
      NEWS                           NEWS-20050323055033-4e00b5db738777ff
      bzr                            bzr.py-20050313053754-5485f144c7006fa6
      bzrlib/__init__.py             __init__.py-20050309040759-33e65acf91bbcd5d
      bzrlib/builtins.py             builtins.py-20050830033751-fc01482b9ca23183
      bzrlib/config.py               config.py-20051011043216-070c74f4e9e338e8
      bzrlib/errors.py               errors.py-20050309040759-20512168c4e14fbd
      bzrlib/fetch.py                fetch.py-20050818234941-26fea6105696365d
      bzrlib/help_topics/en/authentication.txt authentication_conf.-20071104135035-glfv0ri355tyg1nf-1
      bzrlib/knit.py                 knit.py-20051212171256-f056ac8f0fbe1bd9
      bzrlib/repofmt/knitrepo.py     knitrepo.py-20070206081537-pyy4a00xdas0j4pf-1
      bzrlib/repofmt/pack_repo.py    pack_repo.py-20070813041115-gjv5ma7ktfqwsjgn-1
      bzrlib/repofmt/weaverepo.py    presplitout.py-20070125045333-wfav3tsh73oxu3zk-1
      bzrlib/repository.py           rev_storage.py-20051111201905-119e9401e46257e3
      bzrlib/revision.py             revision.py-20050309040759-e77802c08f3999d5
      bzrlib/store/__init__.py       store.py-20050309040759-164dc5173d6406c2
      bzrlib/store/versioned/__init__.py weavestore.py-20050907094258-88262e0434babab9
      bzrlib/symbol_versioning.py    symbol_versioning.py-20060105104851-9ecf8af605d15a80
      bzrlib/tests/__init__.py       selftest.py-20050531073622-8d0e3c8845c97a64
      bzrlib/tests/blackbox/test_selftest.py test_selftest.py-20060123024542-01c5f1bbcb596d78
      bzrlib/tests/interrepository_implementations/test_fetch.py test_fetch.py-20080425213627-j60cjh782ufm83ry-1
      bzrlib/tests/interrepository_implementations/test_interrepository.py test_interrepository.py-20060220061411-1ec13fa99e5e3eee
      bzrlib/tests/interversionedfile_implementations/test_join.py test_join.py-20060302012326-9b5e9b0f0a03fedc
      bzrlib/tests/repository_implementations/test_repository.py test_repository.py-20060131092128-ad07f494f5c9d26c
      bzrlib/tests/test_config.py    testconfig.py-20051011041908-742d0c15d8d8c8eb
      bzrlib/tests/test_errors.py    test_errors.py-20060210110251-41aba2deddf936a8
      bzrlib/tests/test_knit.py      test_knit.py-20051212171302-95d4c00dd5f11f2b
      bzrlib/tests/test_revision.py  testrevision.py-20050804210559-46f5e1eb67b01289
      bzrlib/tests/test_selftest.py  test_selftest.py-20051202044319-c110a115d8c0456a
      bzrlib/tests/test_versionedfile.py test_versionedfile.py-20060222045249-db45c9ed14a1c2e5
      bzrlib/tests/test_weave.py     testknit.py-20050627023648-9833cc5562ffb785
      bzrlib/versionedfile.py        versionedfile.py-20060222045106-5039c71ee3b65490
      bzrlib/weave.py                knit.py-20050627021749-759c29984154256b
      doc/developers/HACKING.txt     HACKING-20050805200004-2a5dc975d870f78c
      doc/developers/authentication-ring.txt authring.txt-20070718200437-q5tdik0ne6lor86d-1
      doc/developers/index.txt       index.txt-20070508041241-qznziunkg0nffhiw-1
      doc/en/user-guide/configuring_bazaar.txt configuring_bazaar.t-20071128000722-ncxiua259xwbdbg7-1
-------------- next part --------------
=== modified file 'NEWS'
--- a/NEWS	2008-05-16 07:43:58 +0000
+++ b/NEWS	2008-05-16 18:43:29 +0000
@@ -27,6 +27,11 @@
 
   BUGFIXES:
 
+    * Issue a warning and ignore passwords declared in authentication.conf when
+      used for an ssh scheme (sftp or bzr+ssh).
+      (Vincent Ladeuil, #203186)
+
+
   DOCUMENTATION:
 
   TESTING:

=== modified file 'bzrlib/config.py'
--- a/bzrlib/config.py	2008-05-09 19:09:52 +0000
+++ b/bzrlib/config.py	2008-05-16 07:24:22 +0000
@@ -1090,12 +1090,17 @@
         credentials = self.get_credentials(scheme, host, port, user, path)
         if credentials is not None:
             password = credentials['password']
+            if password is not None and scheme is 'ssh':
+                trace.warning('password ignored in section [%s],'
+                              ' use an ssh agent instead'
+                              % credentials['name'])
+                password = None
         else:
             password = None
         # Prompt user only if we could't find a password
         if password is None:
             if prompt is None:
-                # Create a default prompt suitable for most of the cases
+                # Create a default prompt suitable for most cases
                 prompt = '%s' % scheme.upper() + ' %(user)s@%(host)s password'
             # Special handling for optional fields in the prompt
             if port is not None:

=== modified file 'bzrlib/tests/test_config.py'
--- a/bzrlib/tests/test_config.py	2008-05-09 19:09:52 +0000
+++ b/bzrlib/tests/test_config.py	2008-05-16 18:33:36 +0000
@@ -1412,6 +1412,51 @@
             'SMTP %(user)s@%(host)s:%(port)d password: ',
             'smtp', port=10025)
 
+    def test_ssh_password_emits_warning(self):
+        conf = config.AuthenticationConfig(_file=StringIO(
+                """
+[ssh with password]
+scheme=ssh
+host=bar.org
+user=jim
+password=jimpass
+"""))
+        entered_password = 'typed-by-hand'
+        stdout = tests.StringIOWrapper()
+        ui.ui_factory = tests.TestUIFactory(stdin=entered_password + '\n',
+                                            stdout=stdout)
+
+        # Since the password defined in the authentication config is ignored,
+        # the user is prompted
+        self.assertEquals(entered_password,
+                          conf.get_password('ssh', 'bar.org', user='jim'))
+        self.assertContainsRe(
+            self._get_log(keep_log_file=True),
+            'password ignored in section \[ssh with password\]')
+
+    def test_ssh_without_password_doesnt_emit_warning(self):
+        conf = config.AuthenticationConfig(_file=StringIO(
+                """
+[ssh with password]
+scheme=ssh
+host=bar.org
+user=jim
+"""))
+        entered_password = 'typed-by-hand'
+        stdout = tests.StringIOWrapper()
+        ui.ui_factory = tests.TestUIFactory(stdin=entered_password + '\n',
+                                            stdout=stdout)
+
+        # Since the password defined in the authentication config is ignored,
+        # the user is prompted
+        self.assertEquals(entered_password,
+                          conf.get_password('ssh', 'bar.org', user='jim'))
+        # No warning shoud be emitted since there is no password. We are only
+        # providing "user".
+        self.assertNotContainsRe(
+            self._get_log(keep_log_file=True),
+            'password ignored in section \[ssh with password\]')
+
 
 # FIXME: Once we have a way to declare authentication to all test servers, we
 # can implement generic tests.



More information about the bazaar-commits mailing list