Bug 510733
Summary: | ipa pwpolicy minclasses: Need to define and enforce acceptable data ranges | ||
---|---|---|---|
Product: | [Retired] freeIPA | Reporter: | Jenny Severance <jgalipea> |
Component: | ipa-admintools | Assignee: | Dmitri Pal <dpal> |
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 2.0 | CC: | benl, dpal, jgalipea, rcritten |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | freeipa-2.0.0-1.fc15 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2012-03-27 07:12:31 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 431020 |
Description
Jenny Severance
2009-07-10 14:10:11 UTC
Jason, perhaps we should put a default min/max into some of these classes to prevent this type of error. We still need to put per-param min/max in this case I think but a default would at least prevent this type of exception. No more traceback. There are 5 character classes according to Kerberos docs: - lower-case letters - upper-case letters - digits - punctuation - all other characters (e.g., control characters) I'm pretty sure, this was fixed before, but the limit is gone now. Patch coming soon. verified # ipa pwpolicy-mod --minclasses=100000000099999999 ipa: ERROR: invalid 'minclasses': can be at most 5 # ipa pwpolicy-mod --minclasses=1234567890 ipa: ERROR: invalid 'minclasses': can be at most 5 # ipa pwpolicy-mod --minclasses=6 ipa: ERROR: invalid 'minclasses': can be at most 5 # ipa pwpolicy-mod --minclasses=-1 ipa: ERROR: invalid 'minclasses': must be at least 0 # rpm -qi ipa-server | head Name : ipa-server Relocations: (not relocatable) Version : 2.0.0 Vendor: Red Hat, Inc. Release : 23.el6 Build Date: Wed 20 Apr 2011 09:57:13 AM EDT Install Date: Thu 19 May 2011 12:47:52 PM EDT Build Host: x86-003.build.bos.redhat.com Group : System Environment/Base Source RPM: ipa-2.0.0-23.el6.src.rpm Size : 2565882 License: GPLv3+ Signature : RSA/8, Thu 21 Apr 2011 03:48:25 PM EDT, Key ID 199e2f91fd431d51 Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla> URL : http://www.freeipa.org/ Summary : The IPA authentication server |