[jira] [Commented] (SLING-10430) Add fix for POSIX newline in password files

Fri, 28 May 2021 01:03:09 -0700 


    [ 
https://issues.apache.org/jira/browse/SLING-10430?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17353034#comment-17353034
 ] 

Bertrand Delacretaz commented on SLING-10430:
---------------------------------------------

I still don't understand what's wrong with removing all trailing whitespace 
characters when reading the password from the file. That wouldn't require a 
configuration and helps avoid hard to troubleshoot issues in the vast majority 
of cases.

The remaining cases are passwords which contain whitespace at the end, which 
such a change would break, but such passwords are not a good idea anyway, IMO. 
I wouldn't mind blocking them and documenting that limitation.

This being said, I have never used this module myself so if you think the 
current behavior is fine I will not object.

> Add fix for POSIX newline in password files
> -------------------------------------------
>
>                 Key: SLING-10430
>                 URL: https://issues.apache.org/jira/browse/SLING-10430
>             Project: Sling
>          Issue Type: New Feature
>          Components: Commons
>            Reporter: Oliver Lietz
>            Assignee: Oliver Lietz
>            Priority: Major
>             Fix For: Commons Crypto 1.1.0
>
>
> POSIX recommends (_shall_) to terminate lines in regular text files with 
> newline character ({{\n}}).
> Tools on UNIX/POSIX systems therefore add a newline character by default to 
> terminate lines and also expect a newline character:
> {noformat}
> beat:resources olli$ wc -l password.ascii85
>        0 password.ascii85
> beat:resources olli$ cat password.ascii85
> +AQ?aDes!'DBMkrCi:FE6q\sOn=Pbmn=PK8n=PK?beat:resources olli$ wc -l 
> password.ascii85_newline
>        1 password.ascii85_newline
> beat:resources olli$ cat password.ascii85_newline
> +AQ?aDes!'DBMkrCi:FE6q\sOn=Pbmn=PK8n=PK?
> beat:resources olli$
> {noformat}
> * {{wc}} reports zero lines for {{password.ascii85}}
> * output for {{password.ascii85}} on shell from {{cat}} looks flawed
> The extra newline character leads to an error (SLING-10415) with misleading 
> message:
> {noformat}
> org.jasypt.exceptions.EncryptionInitializationException: 
> java.security.spec.InvalidKeySpecException: Password is not ASCII
>       at 
> org.jasypt.encryption.pbe.StandardPBEByteEncryptor.initialize(StandardPBEByteEncryptor.java:773)
> {noformat}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to