Red Hat Bugzilla – Bug 84541
rhn-register complains about characters in password
Last modified: 2013-02-26 19:49:42 EST
Description of problem: After recently changing my password to one that happens to have a '%' character in it via the web interface, I can no longer register systems. The RHN web interface accepted the new password without complaint. RHN register returns error code 15: password contains a '%' character Error Class Info: The username contains invalid characters Version-Release number of selected component (if applicable): rhn_register-2.7.9-7.x.2 How reproducible: always Steps to Reproduce: 1.set a password w/ a '%' character on the web interface (which will he accepted) 2. run rhn_register 3. Actual results: rhn_register doesn't accept my valid password. Expected results: rhn_register should register the system regardless of what is in the password if the password is valid. Additional info:
Blocking rhnupr4u4 and rhnupr3u8 to track the progress of the release
Moving bugs to the CanFix List
This bug did not make the code freeze and it will not be fiixed during this release cycle. Re-aligning bug to the next release
This bug did not make the code freeze. It will not be fixed in this releasee Reea ligning to the next one.
Note, this may not involve client changes. Should this solely be a server-side change, I'll clone this bug, change the clone's component to RHN/Backend, and close this one.
Yes, this needs to be a server side change: basically in backend/server/rhnUser.py there is a call validate_new_password this validates the password sent by the client and throws an rhnFault if it does'nt comply with the regex mentioned. invalid_re = re.compile(r"[^ A-Za-z0-9`!@#$%^&*()-_=+[{\]}\\|;:'\",<.>/?~]") so instead of checking for valid characters, we just follow the business rule on account creation that we follow for webui where the only restriction is the length.
Apparently It seems to work for me: created a user with username: 'test_pwd' password: '%password%' from webui then ran $rhn_register -vv (with the above uname and password) [root@rlx-0-20 ~]# rhn_register -vv D: logininfo: {'X-RHN-Server-Id': 1007041205, 'X-RHN-Auth-Server-Time': '1163706208.5', 'X-RHN-Auth': 'IHPBtCY7wiZ8y/AJjZmVMA==', 'X-RHN-Auth-Channels': [['rhel-i386-as-4', '20061110101036', '1', '1']], 'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'} [root@rlx-0-20 ~]# works fine with no errors... let me know if i missed anything here
Also the version of up2date i'm running is: [root@rlx-0-20 ~]# rpm -q up2date up2date-4.4.69-25
my comments in comment#11 is only for new user creation. So if we try to create a new user with rhn_register with % in password it raises an exception as i mentioned. But as per the original bug reported we should not have this issue for existing users.