Bug 497828

Summary: piranha removes slashes from monitoring script send commands
Product: [Retired] Red Hat Cluster Suite Reporter: Marek Grac <mgrac>
Component: piranhaAssignee: Marek Grac <mgrac>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: medium Docs Contact:
Priority: low    
Version: 4CC: cluster-maint, djansa, edamato, fnadge, ricardo.arguello, sghosh
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: piranha-0.8.3.1-6 Doc Type: Bug Fix
Doc Text:
Previously, piranha removed slashes from "send" commands. This caused the nanny daemon to time out. This update does no longer remove the slashes.
 Story Points: ---
Clone Of: 495102 Environment:
Last Closed: 2011-02-16 16:21:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 495102    
Bug Blocks:    
Attachments:
Description Flags
Patch for RHCS none

Description Marek Grac 2009-04-27 13:32:49 UTC 
+++ This bug was initially created as a clone of Bug #495102 +++

Description of problem: When editing a virtual service, any slash entered in the Send box will be removed when written to the configuration.  The default Send command contains slashes, so simply leaving it as-is and hitting Accept will result in HTTP/1.0rnrn as opposed to HTTP/1.0\r\n\r\n.  This in turn results in nanny timing out waiting for the real server to respond, when it never will because it didn't receive the two carriage returns.  

This is caused by the unnecessary stripslashes call in web/web/secure/virtual_edit_services.php:

       $send           = stripslashes($_GET['send']);



Version-Release number of selected component (if applicable): piranha-0.8.4-11.el5

How reproducible: Always

Steps to Reproduce:
1. Create a new virtual server or edit an existing one
2. Go to the Monitoring Scripts tab
3. Enter value (or leave defaults) of "GET / HTTP/1.0\r\n\r\n"
4. Hit Accept
  
Actual results: lvs.cf has 'send = "GET / HTTP/1.0rnrn"'

Expected results: lvs.cf has 'send = "GET / HTTP/1.0\r\n\r\n"'

Additional info: This issue was fixed in RHEL 4 by BZ 199243.

--- Additional comment from mgrac on 2009-04-27 09:28:21 EDT ---

Created an attachment (id=341428)
Patch

Situation is slightly more complicated. Usage of stripslashes() is not useless when php is configured with 'magic_quotes_gpc = On'. Attached patch should work in both of the situations.
Comment 1 Marek Grac 2009-04-27 13:33:50 UTC 
Created attachment 341429 [details]
Patch for RHCS

Patch for BZ 199243 does not care about magic_quotes_gpc.
Comment 4 Florian Nadge 2011-01-03 14:26:59 UTC 
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Previously, piranha removed slashes from "send" commands. This caused the nanny daemon to time out. This update does no longer remove the slashes.
Comment 5 errata-xmlrpc 2011-02-16 16:21:29 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0272.html