Repository: stratos Updated Branches: refs/heads/stratos-4.1.x 45ce6596c -> 4fad87cd9
This fixes STRATOS-1581: PCA @ sign in password Project: http://git-wip-us.apache.org/repos/asf/stratos/repo Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/4fad87cd Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/4fad87cd Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/4fad87cd Branch: refs/heads/stratos-4.1.x Commit: 4fad87cd999187d9023fad55c652e5bbc435cc70 Parents: 45ce659 Author: Akila Perera <[email protected]> Authored: Tue Oct 6 02:34:04 2015 +0530 Committer: Akila Perera <[email protected]> Committed: Tue Oct 6 02:35:09 2015 +0530 ---------------------------------------------------------------------- .../modules/artifactmgt/git/agentgithandler.py | 39 +++++++++----------- .../modules/util/cartridgeagentutils.py | 9 +++-- .../agent/integration/tests/ADCTestCase.java | 2 +- 3 files changed, 25 insertions(+), 25 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/stratos/blob/4fad87cd/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/artifactmgt/git/agentgithandler.py ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/artifactmgt/git/agentgithandler.py b/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/artifactmgt/git/agentgithandler.py index 742f759..b7ac62f 100644 --- a/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/artifactmgt/git/agentgithandler.py +++ b/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/artifactmgt/git/agentgithandler.py @@ -22,6 +22,7 @@ import time import os import tempfile from git import * +import urllib import constants from config import Config @@ -31,6 +32,7 @@ from ...artifactmgt.repository import Repository from exception import GitRepositorySynchronizationException from distutils.dir_util import copy_tree + class AgentGitHandler: """ Handles all the git artifact management tasks related to a cartridge @@ -288,34 +290,29 @@ class AgentGitHandler: # "https://host.com/path/to/repo.git"; # "https://[email protected]/path/to/repo.git"; # "https://username:[email protected]/path/to/repo.git"; NOT RECOMMENDED - if repo_info.repo_username is not None and repo_info.repo_username != "": + # IMPORTANT: if the credentials are provided in the repo url, they must be url encoded + if repo_info.repo_username is not None or repo_info.repo_password is not None: # credentials provided, have to modify url repo_url = repo_info.repo_url - url_split = repo_url.split("//") + url_split = repo_url.split("://", 1) + + # urlencode repo username and password + urlencoded_username = urllib.quote(repo_info.repo_username.strip(), safe='') + urlencoded_password = urllib.quote(repo_info.repo_password.strip(), safe='') if "@" in url_split[1]: # credentials seem to be in the url, check - at_split = url_split[1].split("@") - if ":" in url_split[1] and url_split[1].index(":") < url_split[1].index("@"): - # both username and password are in the url, check and return as is - credential_split = at_split[0].split(":") - if credential_split[0] is repo_info.repo_username and \ - credential_split[1] is repo_info.repo_password: - # credentialed url with provided credentials, return as is - return repo_info.repo_url - else: - # credentials wrong, need to replace - return str(url_split[ - 0] + "//" + repo_info.repo_username + ":" + repo_info.repo_password.strip() + "@" + - at_split[1]) + at_split = url_split[1].split("@", 1) + if ":" in at_split[0]: + # both username and password are in the url, return as is + return repo_info.repo_url else: # only username is provided, need to include password - return str( - url_split[0] + "//" + repo_info.repo_username + ":" + repo_info.repo_password.strip() + "@" + - at_split[1]) + username_in_url = at_split[0].split(":", 1)[0] + return str(url_split[0] + "://" + username_in_url + ":" + urlencoded_password + + "@" + at_split[1]) else: # no credentials in the url, need to include username and password - return str(url_split[0] + "//" + repo_info.repo_username + ":" + repo_info.repo_password.strip() + "@" + - url_split[1]) + return str(url_split[0] + "://" + urlencoded_username + ":" + urlencoded_password + "@" + url_split[1]) # no credentials specified, return as is return repo_info.repo_url @@ -573,4 +570,4 @@ class GitUtils: shutil.rmtree(path) GitUtils.log.debug("Directory [%s] deleted." % path) except OSError as e: - raise GitRepositorySynchronizationException("Deletion of folder path %s failed: %s" % (path, e)) \ No newline at end of file + raise GitRepositorySynchronizationException("Deletion of folder path %s failed: %s" % (path, e)) http://git-wip-us.apache.org/repos/asf/stratos/blob/4fad87cd/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/util/cartridgeagentutils.py ---------------------------------------------------------------------- diff --git a/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/util/cartridgeagentutils.py b/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/util/cartridgeagentutils.py index 4103bbc..f9a9bbb 100644 --- a/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/util/cartridgeagentutils.py +++ b/components/org.apache.stratos.python.cartridge.agent/src/main/python/cartridge.agent/cartridge.agent/modules/util/cartridgeagentutils.py @@ -20,6 +20,7 @@ import base64 import time import socket import string +import hashlib from log import LogFactory @@ -27,7 +28,8 @@ log = LogFactory().get_log(__name__) unpad = lambda s: s[0:-ord(s[-1])] current_milli_time = lambda: int(round(time.time() * 1000)) - +BS = 16 +pad = lambda s: s + (BS - len(s) % BS) * chr(BS - len(s) % BS) def decrypt_password(pass_str, secret): """ @@ -45,7 +47,7 @@ def decrypt_password(pass_str, secret): dec_pass = "" try: - log.debug("Decrypting password") + log.debug("Decrypting cipher text: %s" % pass_str) bdecoded_pass = base64.b64decode(pass_str.strip()) # secret length should be 16 cipher = AES.new(secret.strip(), AES.MODE_ECB) @@ -56,7 +58,8 @@ def decrypt_password(pass_str, secret): # remove nonprintable characters that are padded in the decrypted password dec_pass = filter(lambda x: x in string.printable, dec_pass) - log.debug("Decrypted PWD: [%r]" % dec_pass) + dec_pass_md5 = hashlib.md5(dec_pass.encode('utf-8')).hexdigest() + log.debug("Decrypted password md5sum: [%r]" % dec_pass_md5) return dec_pass http://git-wip-us.apache.org/repos/asf/stratos/blob/4fad87cd/products/python-cartridge-agent/modules/integration/test-integration/src/test/java/org/apache/stratos/python/cartridge/agent/integration/tests/ADCTestCase.java ---------------------------------------------------------------------- diff --git a/products/python-cartridge-agent/modules/integration/test-integration/src/test/java/org/apache/stratos/python/cartridge/agent/integration/tests/ADCTestCase.java b/products/python-cartridge-agent/modules/integration/test-integration/src/test/java/org/apache/stratos/python/cartridge/agent/integration/tests/ADCTestCase.java index 6277a55..733a111 100755 --- a/products/python-cartridge-agent/modules/integration/test-integration/src/test/java/org/apache/stratos/python/cartridge/agent/integration/tests/ADCTestCase.java +++ b/products/python-cartridge-agent/modules/integration/test-integration/src/test/java/org/apache/stratos/python/cartridge/agent/integration/tests/ADCTestCase.java @@ -242,7 +242,7 @@ public class ADCTestCase extends PythonAgentIntegrationTest { ArtifactUpdatedEvent privateRepoEvent = createTestArtifactUpdatedEvent(); privateRepoEvent.setRepoURL("https://bitbucket.org/testapache2211/testrepo.git";); privateRepoEvent.setRepoUserName("testapache2211"); - privateRepoEvent.setRepoPassword("RExPDGa4GkPJj4kJDzSROQ=="); + privateRepoEvent.setRepoPassword("+to2qVW16jzy+Xb/zuafQQ=="); return privateRepoEvent; }
