Bug 612090 - Missing colon in wallaby-load password demand
Summary: Missing colon in wallaby-load password demand
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: cyrus-sasl
Version: 5.4
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: rc
Assignee: Petr Lautrbach
QA Contact: BaseOS QE Security Team
Reported: 2010-07-07 10:02 UTC by Lubos Trilety
Modified: 2012-03-06 17:26 UTC

Doc Type: Bug Fix
Last Closed: 2012-03-06 17:26:01 UTC

Description Lubos Trilety 2010-07-07 10:02:04 UTC
Description of problem:
If the wallaby tool wallaby-load is run without a given password, the tool requires a password from the user; it prints 'Please enter your password'. The prompt does not end with a colon; moreover, it's not clear which password is required. It would be better if the tool printed a prompt such as 'Please enter qpid password:'

Version-Release number of selected component (if applicable):
wallaby-utils-0.6.1-2

How reproducible:
100%

Steps to Reproduce:
1. Run wallaby-load with some valid snapshot as parameter e.g. with '/var/lib/condor-wallaby-base-db/condor-base-db.snapshot'

  
Actual results:
The tool asks for the qpid password with this prompt: 'Please enter your password'

Expected results:
The tool asks for the password with some prompt ending with a colon

Comment 1 Will Benton 2010-07-07 15:26:27 UTC
This prompt comes from SASL, and the issue is present in cyrus-sasl-plain-2.1.22.el5.  I am reassigning this bug to cyrus-sasl.

Comment 5 Jan F. Chadima 2011-08-22 10:29:25 UTC
The problem is in the sasl callback in the mentioned tool. The message is displayed only when the caller does not supply its own one.

Comment 6 Will Benton 2011-08-26 14:32:56 UTC
(In reply to comment #5)
> The message is displayed only when the caller does not supply its own one.

But if we agree with the original bug report, the (default) message is still wrong, is it not?  In that case, it should be fixed in SASL regardless of whether or not individual clients can override the message.

The Ruby QMF library that wallaby is built on does not allow developers to supply password-gathering callbacks; fixing SASL is obviously the cleanest solution from my perspective.  (It's far less invasive to correct a static string than it is to expose callback functionality in Qpid/QMF and retool applications to use it!)  But just punting to the application level isn't a good option, both philosophically (because library defaults should be usable and sensible) and technically (because clients may not be able to work around this issue).

Comment 7 Jan F. Chadima 2011-08-26 17:38:17 UTC
(In reply to comment #6)
> (In reply to comment #5)
> > The message is displayed only when the caller does not supply its own one.
> 
> But if we agree with the original bug report, the (default) message is still
> wrong, is it not?  In that case, it should be fixed in SASL regardless of
> whether or not individual clients can override the message.

No, this should be repaired in the caller.

> 
> The Ruby QMF library that wallaby is built on does not allow developers to
> supply password-gathering callbacks; fixing SASL is obviously the cleanest
> solution from my perspective.  

In this case the bug is in ruby.

> (It's far less invasive to correct a static
> string than it is to expose callback functionality in Qpid/QMF and retool
> applications to use it!)  But just punting to the application level isn't a
> good option, both philosophically (because library defaults should be usable
> and sensible) and technically (because clients may not be able to work around
> this issue).

Comment 8 Will Benton 2011-08-26 17:52:54 UTC
To be clear, there are two problems here.  (1) The default prompt string is broken in SASL, and (2) the QMF console library for Ruby does not provide an option for a callback.

Both of these should be fixed.  Neither is a bug in ruby.

Comment 9 Petr Lautrbach 2012-03-06 17:26:01 UTC
The default prompt string here is actually a human-readable string you can prompt the user with. You get all strings asking for name and password at once, so if you had a GUI application you could bring up a dialog box asking for authentication name and password together instead of one at a time, like it's done e.g. in virt-manager.

Given that, this is not a bug in cyrus-sasl. I'm closing this now, but feel free to reassign this to the correct QMF console library component.
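
Added example, not part of the bug thread and not code from cyrus-sasl, wallaby or Qpid/QMF: a C illustration of the caller-side handling that comments 5 and 9 describe, where the application receives every SASL interaction at once and decides how each prompt is presented. The struct is a simplified local mirror of `sasl_interact_t`, and `format_prompt`, `answer_all`, `reader_fn` and `canned_reader` are hypothetical names introduced here.

```c
#include <stdio.h>
#include <string.h>
/* Simplified local mirror of Cyrus SASL's sasl_interact_t (assumption). */
typedef struct {
    unsigned long id;    /* which item the mechanism wants */
    const char *prompt;  /* library default, e.g. "Please enter your password" */
    const char *result;  /* filled in by the application */
    unsigned len;
} interact_t;
/* Numeric values of SASL_CB_LIST_END, SASL_CB_AUTHNAME, SASL_CB_PASS. */
enum { CB_LIST_END = 0, CB_AUTHNAME = 0x4002, CB_PASS = 0x4004 };
/* Hypothetical hook: show `text`, return the answer (no echo if `secret`). */
typedef const char *(*reader_fn)(const char *text, int secret);

/* Name the service in password prompts; end every prompt with one ": ". */
int format_prompt(const interact_t *it, const char *service, char *out, size_t outlen)
{
    const char *base = it->prompt ? it->prompt : "Input";
    size_t n = strlen(base);
    int w;
    while (n > 0 && (base[n - 1] == ':' || base[n - 1] == ' '))
        n--;                       /* strip a trailing ": " if present */
    if (it->id == CB_PASS && service != NULL)
        w = snprintf(out, outlen, "Please enter %s password: ", service);
    else
        w = snprintf(out, outlen, "%.*s: ", (int)n, base);
    return (w < 0 || (size_t)w >= outlen) ? -1 : 0;   /* -1 on truncation */
}

/* Answer every entry of the list the library handed over in one pass. */
int answer_all(interact_t *list, const char *service, reader_fn ask)
{
    char text[128];
    int answered = 0;
    for (; list->id != CB_LIST_END; list++, answered++) {
        if (format_prompt(list, service, text, sizeof text) != 0 ||
            (list->result = ask(text, list->id == CB_PASS)) == NULL)
            return -1;
        list->len = (unsigned)strlen(list->result);
    }
    return answered;
}

/* Constructed stand-in for a terminal reader, with constructed answers. */
const char *canned_reader(const char *text, int secret)
{
    (void)text;
    return secret ? "s3cret" : "guest";
}
```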

