962986 – ipa-server-install crashes if DM Password contains a % character

Bug 962986 - ipa-server-install crashes if DM Password contains a % character

Summary: ipa-server-install crashes if DM Password contains a % character

Keywords:
Status:	CLOSED DUPLICATE of bug 953488
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	pki-ca
Sub Component:
Version:	18
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Orphan Owner
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-05-14 21:45 UTC by Joel
Modified:	2013-10-10 18:52 UTC (History)
CC List:	9 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-10-10 18:52:01 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Joel 2013-05-14 21:45:32 UTC

Description of problem:

When running ipa-server-install and setting the DM password to contain a % character, the install crashes on step:

Done configuring directory server (dirsrv).
Configuring certificate server (pki-tomcatd): Estimated time 3 minutes 30 seconds
  [1/20]: creating certificate server user
  [2/20]: configuring certificate server instance
ipa         : CRITICAL failed to configure ca instance Command '/usr/sbin/pkispawn -s CA -f /tmp/tmpDCzrue' returned non-zero exit status 1
Configuration of CA failed

Looking in /var/log/ipaserver-install.log, one can see that it is crashing on the % character in the password:

2013-05-14T15:51:34Z DEBUG stderr=Traceback (most recent call last):
  File "/usr/sbin/pkispawn", line 419, in <module>
    main(sys.argv)
  File "/usr/sbin/pkispawn", line 319, in main
    parser.compose_pki_master_dictionary()
  File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 454, in compose_pki_master_dictionary
    self.flatten_master_dict()
  File "/usr/lib/python2.7/site-packages/pki/deployment/pkiparser.py", line 350, in flatten_master_dict
    subsystem_dict = dict(self.pki_config.items(config.pki_subsystem))
  File "/usr/lib64/python2.7/ConfigParser.py", line 655, in items
    for option in options]
  File "/usr/lib64/python2.7/ConfigParser.py", line 691, in _interpolate
    self._interpolate_some(option, L, rawval, section, vars, 1)
  File "/usr/lib64/python2.7/ConfigParser.py", line 732, in _interpolate_some
    "'%%' must be followed by '%%' or '(', found: %r" % (rest,))
ConfigParser.InterpolationSyntaxError: '%' must be followed by '%' or '(', found: '%restofpassword'



Version-Release number of selected component (if applicable):
freeipa-server-selinux-3.1.3-5.fc18.x86_64
freeipa-python-3.1.3-5.fc18.x86_64
freeipa-server-3.1.3-5.fc18.x86_64
freeipa-server-trust-ad-3.1.3-5.fc18.x86_64
freeipa-admintools-3.1.3-5.fc18.x86_64
freeipa-client-3.1.3-5.fc18.x86_64


How reproducible:
Set DM Password to contain a % character.   

User entered strings should be better escaped.

Comment 1 Nathan Kinder 2013-10-10 18:52:01 UTC

This was recently fixed upstream in Dogtag (though it's not yet available in a build).  I'm closing this as a duplicate of the bug where this is being handled since there is more info there.

*** This bug has been marked as a duplicate of bug 953488 ***

Note You need to log in before you can comment on or make changes to this bug.