> Surely if the password is say "!@#"!@*&" then all 10 characters are part of the password. It is not for NUT to guess.
So I've run some experiments... and it seems to work as I OTOH-described earlier. In the new NIT tests, there are methods for `upsmon` configuration to be created but it is not tested yet. Passwords for upsmon roles are used from API clients however (Python, C++) and they succeed whether it is enclosed in double-quotes or not in the `upsd.users` file. In a live setup, identical password strings with or without doublequotes worked for `upsmon.conf` and `upsd.conf`, also if only one is quoted. Escaped doublequotes inside a password also worked, e.g. pass\"word or "pass\"word"; however spaces (escaped or hidden in doublequotes) did not work since the NUT protocol did not allow for that extra token on assumed request line => ERR INVALID-ARGUMENT. Then it gets a bit complicated for "invalid" spellings: * upsd.users may define a pass"word (one unescaped quote in the middle) but upsmon.conf must have it properly quoted and escaped as "pass\"word" (otherwise it is a very long token I guess, and the MONITOR role is defaulted as a secondary since the requested primary role is not parsed as such). * upsd.users may define a "pass"word" (three unescaped quotes) but effectively the token is cut at the second quote, rest being ignored for this line - so upsmon.conf must use it as "pass". Similar effects are in place for `upsd.users` entries without an upsmon role - quotes around work, unescaped quotes in the middle like pass"word do not, escaped quotes in the middle do work, spaces cause ERR PASSWORD-REQUIRED. So passwords with spaces may be a problem, but otherwise everything seems correct and predictable ;) Hope this helps, Jim Klimov On Thu, Dec 29, 2022 at 9:11 PM Roger Price <[email protected]> wrote: > On Thu, 29 Dec 2022, Jim Klimov via Nut-upsuser wrote: > > > > Ah, dropping the ""s seems to have resolved it. > > > > I think parser should ignore quotes (not take them as content - > > just treat the insides as one token) unless escaped, in both config file > contexts. > > Surely if the password is say "!@#"!@*&" then all 10 characters are part > of the > password. It is not for NUT to guess. > Roger_______________________________________________ > Nut-upsuser mailing list > [email protected] > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser >
_______________________________________________ Nut-upsuser mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser
