[ https://issues.apache.org/jira/browse/KNOX-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Attila Magyar updated KNOX-2940:
--------------------------------
    Description: 
If I want to create a password with a leading - character the create-alias 
command will fail:

{code}
 knoxcli.sh create-alias name --value "-asdf"
{code}

The same is true for the batch alias creation command. Using quotes around the 
value doesn't help.

The reason for this is this check:

{code}
    } else if (args[i].equals("--value")) {
        if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
          printKnoxShellUsage();
          return -1;
        }
{code}

This tries to prevent incorrect usage by checking if the next parameter is 
likely another command (so the actual value is missing).

For example this prevents this case where the user mistakenly combined the 
--value (without defining a value) with the --generate command.

{code}
bin/knoxcli.sh create-alias test --value --generate
{code}


However we can prevent this by explicitly testing if the next parameter is any 
of the commands supported by the create-alias/create-aliases command. There are 
only 2, --generate and --cluster.

So these kinds of incorrect usages can be tested with:

{code}
        if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
          printKnoxShellUsage();
          return -1;
        }
{code}


Misusing the batch alias command will generate an error regardless of this check 
because the number of parameters won't match.

Here there is no value for a1.

{code}
knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
{code}

For this no extra check is required.






  was:
If I want to create a password with a leading - character the create-alias 
command will fail:

{code}
 knoxcli.sh create-alias name --value "-asdf"
{code}

The same is true for the batch alias creation command. Using quotes around the 
value doesn't help.

The reason for this is this check:

{code}
    } else if (args[i].equals("--value")) {
        if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
          printKnoxShellUsage();
          return -1;
        }
{code}

This tries to prevent incorrect usage by checking if the next parameter is 
likely another command (so the actual value is missing).

For example this prevents this case where the user mistakenly combined the 
--value (without defining a value) with the --generate command.

{code}
bin/knoxcli.sh create-alias test --value --generate
{code}


However we can prevent this by explicitly testing if the next parameter is any 
of the commands supported by the create-alias/create-aliases command. There are 
only 2, --generate and --cluster.

But these kinds of incorrect usages can be tested with:

{code}
        if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
          printKnoxShellUsage();
          return -1;
        }
{code}


Misusing the batch alias command will generate an error regardless of this check 
because the number of parameters won't match.

Here there is no value for a1.

{code}
knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
{code}

For this no extra check is required.







> knoxcli create-alias/create-aliases command doesn't support values starting 
> with dash
> -------------------------------------------------------------------------------------
>
>                 Key: KNOX-2940
>                 URL: https://issues.apache.org/jira/browse/KNOX-2940
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxCLI
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>
> If I want to create a password with a leading - character the create-alias 
> command will fail:
> {code}
>  knoxcli.sh create-alias name --value "-asdf"
> {code}
> The same is true for the batch alias creation command. Using quotes around 
> the value doesn't help.
> The reason for this is this check:
> {code}
>     } else if (args[i].equals("--value")) {
>         if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> This tries to prevent incorrect usage by checking if the next parameter is 
> likely another command (so the actual value is missing).
> For example this prevents this case where the user mistakenly combined the 
> --value (without defining a value) with the --generate command.
> {code}
> bin/knoxcli.sh create-alias test --value --generate
> {code}
> However we can prevent this by explicitly testing if the next parameter is 
> any of the commands supported by the create-alias/create-aliases command. 
> There are only 2, --generate and --cluster.
> So these kinds of incorrect usages can be tested with:
> {code}
>         if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || "--cluster".equals(args[i + 1]))) {
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> Misusing the batch alias command will generate an error regardless of this check 
> because the number of parameters won't match.
> Here there is no value for a1.
> {code}
> knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
> {code}
> For this no extra check is required.
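
The difference between the two checks quoted above, as an added example that is not part of the Jira issue or the Knox code base. The class and method names are hypothetical, the argument arrays are constructed, and keeping the bound check for a missing value in the narrower version is an assumption.

```java
import java.util.Arrays;
import java.util.List;
import java.util.Set;

// Added illustration; class and method names are hypothetical, not KnoxCLI's.
public class ValueArgCheck {
    // The two option names the issue says can follow --value by mistake.
    private static final Set<String> KNOWN_OPTIONS = Set.of("--generate", "--cluster");

    // Check as quoted in the issue: any token starting with "-" is rejected.
    static String parseOld(String[] args) {
        for (int i = 0; i < args.length; i++) {
            if (args[i].equals("--value")) {
                if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
                    return null; // usage error
                }
                return args[i + 1];
            }
        }
        return null;
    }

    // Narrower check: reject only a missing value or a known option name.
    static String parseNew(String[] args) {
        for (int i = 0; i < args.length; i++) {
            if (args[i].equals("--value")) {
                if (i + 1 >= args.length || KNOWN_OPTIONS.contains(args[i + 1])) {
                    return null; // usage error
                }
                return args[i + 1];
            }
        }
        return null;
    }

    public static void main(String[] unused) {
        // Constructed command lines, already split the way the JVM receives them.
        List<String[]> cases = Arrays.asList(
            new String[] {"create-alias", "name", "--value", "-asdf"},
            new String[] {"create-alias", "test", "--value", "--generate"},
            new String[] {"create-alias", "name", "--value", "plain"},
            new String[] {"create-alias", "name", "--value"});
        for (String[] args : cases) {
            System.out.printf("%-45s old=%-8s new=%s%n",
                String.join(" ", args), parseOld(args), parseNew(args));
        }
    }
}
```

Under the narrower check a value that is exactly --generate or --cluster is still rejected, so those two strings cannot be stored as alias values through --value.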


