[jira] [Updated] (KNOX-2940) knoxcli create-alias/create-aliases command doesn't support values starting with dash

Tue, 27 Feb 2024 02:48:49 -0800 


     [ 
https://issues.apache.org/jira/browse/KNOX-2940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Attila Magyar updated KNOX-2940:
--------------------------------
    Fix Version/s: 2.1.0

> knoxcli create-alias/create-aliases command doesn't support values starting 
> with dash
> -------------------------------------------------------------------------------------
>
>                 Key: KNOX-2940
>                 URL: https://issues.apache.org/jira/browse/KNOX-2940
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: KnoxCLI
>            Reporter: Attila Magyar
>            Assignee: Attila Magyar
>            Priority: Major
>             Fix For: 2.1.0
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> If I want to create a password with a leading - character the create-alias 
> command will fail:
> {code}
>  knoxcli.sh create-alias name --value "-asdf"
> {code}
> The same is true for the batch alias creation command. Using quotes around 
> the value doesn't help. Generated passwords sometimes contain - character and 
> sometimes they start with that character.
> The reason for this is this check:
> {code}
>     } else if (args[i].equals("--value")) {
>         if (i + 1 >= args.length || args[i + 1].startsWith("-")) {
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> This tries to prevent incorrect usage by checking if the next parameter is 
> likely an another command (so the actual value is missing).
> For example this prevents this case where the user mistakenly combined the 
> --value (without defining a value) with the --generate command.
> {code}
> bin/knoxcli.sh create-alias test --value --generate
> {code}
> However we can prevent  this by explicitly testing if the next parameter is 
> any of the commands supported by the create-alias/create-aliases command. 
> There are only 2, --generate and --cluster.
> So these kind of incorrect usages can be tested with:
> {code}
>         if (args.length > i + 1 && ("--generate".equals(args[i + 1]) || 
> "--cluster".equals(args[i + 1]))) { // missing value
>           printKnoxShellUsage();
>           return -1;
>         }
> {code}
> So I think we should use the above check instead.
> Misusing the batch alias command will generate error regardless of this check 
> because the number of parameters won't match.
> Here there is no value for a1.
> {code}
> knoxcli.sh create-aliases --alias a1 --value --alias a2 --value v2
> {code}
> For this no extra check is required.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to