[ https://issues.apache.org/jira/browse/KNOX-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Attila Magyar updated KNOX-2940:
--------------------------------
    Description: 
If I want to create a password with a leading - character the create-alias 
command will fail:

{code}
 knoxcli.sh create-alias name --value "-asdf"
{code}

The same is true for the batch alias creation command. Using quotes around the 
value doesn't help.

The reason for this is this check:

{code}
    } else if (args[i].equals("--value")) {
        if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
          printKnoxShellUsage();
          return -1;
        }
{code}

This tries to prevent incorrect usage by checking if the next parameter is 
likely another command.

For example this prevents this case where the user mistakenly combined the 
--value (without defining a value) with the --generate command.

{code}
bin/knoxcli.sh create-alias test --value --generate
{code}


However, we can prevent this by explicitly testing if the next parameter is any of 
the commands supported by the create-alias/create-aliases command. There are 
only 2, --generate and --cluster.

But these kinds of incorrect usage can be tested with:

{code}
        if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
          printKnoxShellUsage();
          return -1;
        }
{code}


Misusing the batch alias command will generate an error regardless of this check 
because the number of parameters won't match.

Here there is no value for a1.

{code}
knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
{code}

For this no extra check is required.






  was:
If I want to create a password with a leading - character the create-alias 
command will fail:

{code}
 knoxcli.sh create-alias name --value "-asdf"
{code}

The same is true for the batch alias creation command. Using quotes around the 
value doesn't help.

The reason for this is this check:

{code}
    } else if (args[i].equals("--value")) {
        if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
          printKnoxShellUsage();
          return -1;
        }
{code}

This tries to prevent incorrect usage by checking if the next parameter is 
likely another command.

For example this prevents this case where the user mistakenly combined the 
--value (without defining a value) with the --generate command.

{code}
bin/knoxcli.sh create-alias test --value --generate
{code}


However, we can prevent this by explicitly testing if the next parameter is any of 
the commands supported by the create-alias/create-aliases command. There are 
only 2, --generate and --cluster.

But these kinds of incorrect usage can be tested with:

{code}
        if (i + 1 >= args.length && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
          printKnoxShellUsage();
          return -1;
        }
{code}


Misusing the batch alias command will generate an error regardless of this check 
because the number of parameters won't match.

Here there is no value for a1.

{code}
knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
{code}

For this no extra check is required.







> knoxcli create-alias/create-aliases command doesn't support values starting 
> with dash
> -------------------------------------------------------------------------------------
>
>                 Key: KNOX-2940
>                 URL: https://issues.apache.org/jira/browse/KNOX-2940
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxCLI
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>
> If I want to create a password with a leading - character the create-alias 
> command will fail:
> {code}
>  knoxcli.sh create-alias name --value "-asdf"
> {code}
> The same is true for the batch alias creation command. Using quotes around 
> the value doesn't help.
> The reason for this is this check:
> {code}
>     } else if (args[i].equals("--value")) {
>         if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> This tries to prevent incorrect usage by checking if the next parameter is 
> likely another command.
> For example this prevents this case where the user mistakenly combined the 
> --value (without defining a value) with the --generate command.
> {code}
> bin/knoxcli.sh create-alias test --value --generate
> {code}
> However, we can prevent this by explicitly testing if the next parameter is any of 
> the commands supported by the create-alias/create-aliases command. There are 
> only 2, --generate and --cluster.
> But these kinds of incorrect usage can be tested with:
> {code}
>         if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> Misusing the batch alias command will generate an error regardless of this check 
> because the number of parameters won't match.
> Here there is no value for a1.
> {code}
> knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
> {code}
> For this no extra check is required.
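
The two checks from the description, run side by side over constructed argument vectors. This is an added example, not Apache Knox source and not the reporter's code; the class name, method names and sample arguments are hypothetical, and the bounds test in the second method is carried over from the original check.

```java
import java.util.List;
import java.util.Set;

// Added illustration, not Apache Knox source: class and method names are hypothetical.
public class ValueArgCheckDemo {

    // The two options the description names for create-alias/create-aliases.
    private static final Set<String> RESERVED = Set.of("--generate", "--cluster");

    // Original heuristic: anything starting with '-' is assumed to be another option.
    static boolean acceptedByPrefixCheck(String[] args, int i) {
        return !(i + 1 >= args.length || args[i + 1].startsWith("-"));
    }

    // Proposed check: reject only the two known options.
    // The bounds test is kept from the original so a trailing --value is still rejected.
    static boolean acceptedByExplicitCheck(String[] args, int i) {
        if (i + 1 >= args.length) {
            return false;
        }
        return !RESERVED.contains(args[i + 1]);
    }

    public static void main(String[] unused) {
        // Constructed argument vectors; index 2 is always "--value".
        List<String[]> samples = List.of(
            new String[] {"create-alias", "name", "--value", "-asdf"},
            new String[] {"create-alias", "name", "--value", "secret"},
            new String[] {"create-alias", "test", "--value", "--generate"},
            new String[] {"create-alias", "test", "--value", "--cluster", "sandbox"},
            new String[] {"create-alias", "test", "--value"});
        for (String[] args : samples) {
            System.out.printf("%-50s prefix=%-5b explicit=%b%n",
                String.join(" ", args),
                acceptedByPrefixCheck(args, 2),
                acceptedByExplicitCheck(args, 2));
        }
    }
}
```

Only the first sample differs between the two checks: `-asdf` is rejected by the prefix heuristic and accepted by the explicit one. A value that is literally `--generate` or `--cluster` is still rejected by the explicit check.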


