You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by "Pavan-Nambi (via GitHub)" <gi...@apache.org> on 2023/01/26 07:17:55 UTC
[GitHub] [cloudstack] Pavan-Nambi opened a new pull request, #7134: feat:password-complexity(adding special characters)
Pavan-Nambi opened a new pull request, #7134:
URL: https://github.com/apache/cloudstack/pull/7134
### Description
This PR is made regarding
<!--- Describe your changes in DETAIL - And how has behaviour functionally changed. -->
issue: https://github.com/apache/cloudstack/issues/6861#issue-1431841155
added configkey and updated `generateRandomPassword()`
<!-- For new features, provide link to FS, dev ML discussion etc. -->
<!-- In case of bug fix, the expected and actual behaviours, steps to reproduce. -->
<!-- When "Fixes: #<id>" is specified, the issue/PR will automatically be closed when this PR gets merged -->
<!-- For addressing multiple issues/PRs, use multiple "Fixes: #<id>" -->
<!-- Fixes: # -->
<!--- ********************************************************************************* -->
<!--- NOTE: AUTOMATATION USES THE DESCRIPTIONS TO SET LABELS AND PRODUCE DOCUMENTATION. -->
<!--- PLEASE PUT AN 'X' in only **ONE** box -->
<!--- ********************************************************************************* -->
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [ ] Major
- [ ] Minor
#### Bug Severity
- [ ] BLOCKER
- [ ] Critical
- [ ] Major
- [ ] Minor
- [ ] Trivial
### Screenshots (if appropriate):
### How Has This Been Tested?
<!-- Please describe in detail how you tested your changes. -->
<!-- Include details of your testing environment, and the tests you ran to -->
<!-- see how your change affects other areas of the code, etc. -->
unable to build
os:windows (wsl ubuntu)
<!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md) document -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GutoVeronezi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "GutoVeronezi (via GitHub)" <gi...@apache.org>.
GutoVeronezi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1090542018
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,7 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
- static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", ".*", "Specifies the pattern for generated password", true);
Review Comment:
@DaanHoogland, the point of suggesting value `.*` was to keep the current behavior easily; however, it can be achieved with other approaches, like handling an empty pattern.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "GutoVeronezi (via GitHub)" <gi...@apache.org>.
GutoVeronezi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1745674462
> @GutoVeronezi @JoaoJandre , the last time @Pavan-Nambi returned to this was in January. Will this be harmful or can it be improved by some small changes and merged? cc @shwstppr
@DaanHoogland I think the approach used here could cause some problems, especially the possible infinite loop that can be caused by the following block:
```java
while (!pswd.matches(passwordComplexity)) {
pswd= PasswordGenerator.generateRandomPassword(passwordLength);
}
```
I agree with @JoaoJandre on his comment https://github.com/apache/cloudstack/issues/6861#issuecomment-1419337976. However, if we go with the feature, we should guide @Pavan-Nambi (if they are willing to do it) on a better approach for addressing the use case.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087830360
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
oh nvm i got it sorry for the mess
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1746742250
hey, sorry for the delay, i will look into this in few days or this weekend. i got into gsoc work and forgot about this. sorry.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087821608
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
so here i have to make a nested class here..?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "codecov[bot] (via GitHub)" <gi...@apache.org>.
codecov[bot] commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1744649802
## [Codecov](https://app.codecov.io/gh/apache/cloudstack/pull/7134?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report
> Merging [#7134](https://app.codecov.io/gh/apache/cloudstack/pull/7134?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (16092cb) into [main](https://app.codecov.io/gh/apache/cloudstack/commit/4d41b6bc4453bb823f98cecb42b6bde00d7d8cf5?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (4d41b6b) will **decrease** coverage by `1.71%`.
> Report is 840 commits behind head on main.
> The diff coverage is `n/a`.
```diff
@@ Coverage Diff @@
## main #7134 +/- ##
============================================
- Coverage 6.56% 4.86% -1.71%
============================================
Files 4361 342 -4019
Lines 370925 25689 -345236
Branches 47614 4418 -43196
============================================
- Hits 24360 1250 -23110
+ Misses 343630 24305 -319325
+ Partials 2935 134 -2801
```
| [Flag](https://app.codecov.io/gh/apache/cloudstack/pull/7134/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | Coverage Δ | |
|---|---|---|
| [uitests](https://app.codecov.io/gh/apache/cloudstack/pull/7134/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | `4.86% <ø> (?)` | |
Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#carryforward-flags-in-the-pull-request-comment) to find out more.
[see 4700 files with indirect coverage changes](https://app.codecov.io/gh/apache/cloudstack/pull/7134/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1750559091
@Pavan-Nambi , both the examples of libraries you mention are distributed under the apache2 license, so you can safely incorporate them. If you isolate the calls to the library in a single module (i.e. proxy the library) there should be no problem. You are shifting a maintenance burden away from us and guaranteeing a higher adherence to industry standards.
As you have taken the lead on this, your choince is best unless, ... rather then have everybody's way ;)
As these are apache licensed you may also decide to copy design or even parts of the code as long as you leave good references to the origin. I can imagin you want just part of the functionality or a simplified version of it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087821608
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
so i have to make a nested class here..? and define a `generateRandomPassword` method there and call it from this one?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1088946912
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,7 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
- static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", ".*", "Specifies the pattern for generated password", true);
Review Comment:
sorry if i am wrong but if you are referring to passwordgenerator.java file i have added code to add special characters too
and the reasoni used .* is
in above conversation this was told so
@Pavan-Nambi, to keep compatibility with the current behavior (accept any password generated), the default value should be .*; then, one should change the configuration via API/UI according to the necessity.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland closed pull request #7134: password-complexity(adding special characters)
URL: https://github.com/apache/cloudstack/pull/7134
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #7134: password-complexity(adding special characters)
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404881469
before running
```
mvn -P developer -pl developer -Ddeploydb
```
did you run
```
mvn clean install -D simulator -Pdeveloper
```
Also you say you installed from a packages dir, but you should clone the repository and do the build command above first.
> > btw, this question would be an exelent example to put on the dev list ;)
>
> what is dev list...?sweat_smile
this one:
> For generic questions the [maillist](mailto:dev@cloudstack.apache.org) is best.
mailto:dev@cloudstack.apache.org
> and these are the two ways i followed from development 101 in docs [one for linux setting up env](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Setting+up+CloudStack+Development+Environment+on+Linux) and another [for build cloudstack](https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack#HowtobuildCloudStack-Dependencies) in this the links pointing out in dependencies are not leading me anywhere
>
You can forget about the dependencies for now. later if you want to support these you can include them. For this feature they are not needed.
> and there was no step saying i have to manually download dependencies like [cloudutils](https://github.com/apache/cloudstack/packages/55879) and [cloudserver](https://github.com/apache/cloudstack/packages/55882) i am not sure if this is how it was intended to be or diff saying here for reference... if its not how it should be i am willing to help/try to change it a bit ig
this is not true, I wonder where you read that. These packages are part of the project and should be build with the command above. i.e. `mvn clean install -D simulator -Pdeveloper`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] JoaoJandre commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "JoaoJandre (via GitHub)" <gi...@apache.org>.
JoaoJandre commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1091030700
##########
utils/src/main/java/com/cloud/utils/PasswordGenerator.java:
##########
@@ -41,6 +41,8 @@ public class PasswordGenerator {
static private char[] alphaNumeric = new char[] {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y',
'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '2', '3', '4', '5', '6', '7', '8', '9'};
+ static private char[] symbols = new char[] {'!', '#', '@', '(', '%', '^', '&', '*', '$', ')', '-', '_', '+', '=', '{', '}', '[', ']', '|', '\\', ':', ';', '"', '\'', '<', '>', '.', '?'};
Review Comment:
You could make this variable protected, and use it in your `containsSpecialChar` test in the `PasswordGeneratorTest` class, this way you don't need to create a new string with all these symbols.
Furthermore if any new special symbol is added here, the test will cover it automatically as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1088801971
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
hey @GutoVeronezi can you check the changed files?
thankyou
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087821608
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
so i have to make a nested class here..? and define a `generateRandomPassword` method there and call it from this one?
sorry if thts wrong qstn to ask i will try and update
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] JoaoJandre commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "JoaoJandre (via GitHub)" <gi...@apache.org>.
JoaoJandre commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1100403927
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,13 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ final String passwordComplexity = "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])"
Review Comment:
You should use the configuration that you created to set the password complexity, instead of a hard-coding it.
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,13 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ final String passwordComplexity = "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])"
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
+ while (!pswd.matches(passwordComplexity)) {
+ pswd= PasswordGenerator.generateRandomPassword(passwordLength);
+ }
Review Comment:
You should refactor the PasswordGenerator.generateRandomPassword() method so that it always generates a password based on a configured regex, otherwise, we do not know how many times will this run. Depending on the configured regex, this might run forever (if you create a regex that requires two special symbols, this loop will run forever).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "shwstppr (via GitHub)" <gi...@apache.org>.
shwstppr commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1744625517
@Pavan-Nambi can you please address outstanding review comments?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1744838633
@Pavan-Nambi there are build errors in the github actions. Can you have a look?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1344018136
##########
utils/src/test/java/com/cloud/utils/PasswordGeneratorTest.java:
##########
@@ -62,4 +63,13 @@ private boolean containsDigit(String password) {
}
return false;
}
+ private boolean containsSpecialChar(String password) {
Review Comment:
```suggestion
private boolean containsSpecialChar(String password) {
```
##########
utils/src/test/java/com/cloud/utils/PasswordGeneratorTest.java:
##########
@@ -62,4 +63,13 @@ private boolean containsDigit(String password) {
}
return false;
}
+ private boolean containsSpecialChar(String password) {
+ String symbols = new String(passwordgenerator.symbols);
Review Comment:
```suggestion
String symbols = new String(PasswordGenerator.symbols);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GutoVeronezi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "GutoVeronezi (via GitHub)" <gi...@apache.org>.
GutoVeronezi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087772093
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,6 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
Review Comment:
@Pavan-Nambi, to keep compatibility with the current behavior (accept any password generated), the default value should be `.*`; then, one should change the configuration via API/UI according to the necessity.
Also, the last parameter of this constructor refers to the dynamism of the configuration. If `false`, it means when we change the configuration, we should restart the management server in order to load the new value; if `true`, it means the next time the configuration is used it will be reloaded. For this case, I do not think it is necessary to restart the management server; then, it could be `true`.
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
Currently `PasswordGenerator` is only working with alpha numeric characters; therefore, to meet the need you presented, this class should be extended to work with other symbols.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: feat:password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404637813
hello,
I am not sure if this is the appropriate way to ask this, if not Can you please direct me to the correct channel for assistance?
I have changed code... but when i am trying to build here are the issues i faced
and then when i tried to check dependency tree it showed i have `Apache CloudStack Utils jar`
and i reffered for documentation [here](https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack#HowtobuildCloudStack-Dependencies)
I wasn't able to access an y links provided there
thankyou!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404839904
and these are the two ways i followed from development 101
[one for linux setting up env](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Setting+up+CloudStack+Development+Environment+on+Linux)
[for build cloudstack](https://cwiki.apache.org/confluence/display/CLOUDSTACK/How+to+build+CloudStack#HowtobuildCloudStack-Dependencies) in this the links pointing out in dependencies are not leading me anywhere
and there was no step saying i have to manually download dependencies like [cloudutils](https://github.com/apache/cloudstack/packages/55879) and [cloudserver](https://github.com/apache/cloudstack/packages/55882) i am not sure if this is how it was intended to be or diff saying here for reference... or if it should be changed i am willing to if i can..
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1822695909
hey, I am sorry but things got busy for me and i don't think I can dedicate time in making a new library for regex(as of now) and i don't want to keep this open without updating for long , it's already been way too long.
sorry some personal and work stuff got in.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404919212
this is the series of commands i have followed as per [docs](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Setting+up+CloudStack+Development+Environment+on+Linux)
```
mvn clean
mvn clean install -P developer,systemvm
mvn -P developer -pl developer -Ddeploydb
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404826910
platform : `windows 10 wsl ubuntu`
maven version : inside wsl : `Apache Maven 3.6.3` ,,, inside windows : Apache Maven 3.8.7
javac version : inside wsl : `javac 11.0.17` ,,,, inside windows : javac 19.0.2
all commands r done in wsl
## Command : mvn -P developer -pl developer -Ddeploydb
## Error :
```
[ERROR] Failed to execute goal on project cloud-developer: Could not resolve dependencies for project org.apache.cloudstack:cloud-developer:pom:4.18.0.0-SNAPSHOT: Failure to find org.apache.cloudstack:cloud-server:jar:4.18.0.0-SNAPSHOT in https://repo.jenkins-ci.org/public/ was cached in the local repository, resolution will not be reattempted until the update interval of repo.jenkins-ci.org.public has elapsed or updates are forced -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
```
## in .m2/repo i have cloudserver i am not sure why i got that error i have tried downloading it again and reinstalling
### version i installed is 14.13.0.0 from [here](https://github.com/apache/cloudstack/packages/55882)
### error :
```
pavan-nambi@Pavan-nambi:~/.m2/repository/org/apache/cloudstack$ ls
checkstyle cloud-plugin-hypervisor-ucs
cloud-agent cloud-plugin-hypervisor-xenserver
cloud-api cloud-plugin-integrations-cloudian-connector
cloud-apidoc cloud-plugin-integrations-kubernetes-service
cloud-client-ui cloud-plugin-integrations-prometheus-exporter
cloud-console-proxy cloud-plugin-metrics
cloud-controller-secondary-storage cloud-plugin-network-bigswitch
cloud-core cloud-plugin-network-contrail
cloud-devcloud-kvm cloud-plugin-network-elb
cloud-devcloud4 cloud-plugin-network-globodns
cloud-developer cloud-plugin-network-internallb
cloud-engine cloud-plugin-network-netscaler
cloud-engine-api cloud-plugin-network-nvp
cloud-engine-components-api cloud-plugin-network-opendaylight
cloud-engine-network cloud-plugin-network-ovs
cloud-engine-orchestration cloud-plugin-network-palo-alto
cloud-engine-schema cloud-plugin-network-ssp
cloud-engine-service cloud-plugin-network-vcs
cloud-engine-storage cloud-plugin-network-vxlan
cloud-engine-storage-cache cloud-plugin-non-strict-host-affinity
cloud-engine-storage-configdrive cloud-plugin-non-strict-host-anti-affinity
cloud-engine-storage-datamotion cloud-plugin-outofbandmanagement-driver-ipmitool
cloud-engine-storage-image cloud-plugin-outofbandmanagement-driver-nested-cloudstack
cloud-engine-storage-snapshot cloud-plugin-outofbandmanagement-driver-redfish
cloud-engine-storage-volume cloud-plugin-planner-implicit-dedication
cloud-framework-agent-lb cloud-plugin-planner-skip-heurestics
cloud-framework-ca cloud-plugin-planner-user-concentrated-pod
cloud-framework-cluster cloud-plugin-planner-user-dispersing
cloud-framework-config cloud-plugin-snmp-alerts
cloud-framework-db cloud-plugin-storage-allocator-random
cloud-framework-direct-download cloud-plugin-storage-image-default
cloud-framework-events cloud-plugin-storage-image-s3
cloud-framework-ipc cloud-plugin-storage-image-sample
cloud-framework-jobs cloud-plugin-storage-image-swift
cloud-framework-managed-context cloud-plugin-storage-volume-cloudbyte
cloud-framework-quota cloud-plugin-storage-volume-datera
cloud-framework-rest cloud-plugin-storage-volume-default
cloud-framework-security cloud-plugin-storage-volume-linstor
cloud-framework-spring-lifecycle cloud-plugin-storage-volume-nexenta
cloud-framework-spring-module cloud-plugin-storage-volume-sample
cloud-marvin cloud-plugin-storage-volume-scaleio
cloud-mom-inmemory cloud-plugin-storage-volume-solidfire
cloud-mom-kafka cloud-plugin-storage-volume-storpool
cloud-mom-rabbitmq cloud-plugin-syslog-alerts
cloud-plugin-acl-dynamic-role-based cloud-plugin-user-authenticator-ldap
cloud-plugin-acl-project-role-based cloud-plugin-user-authenticator-md5
cloud-plugin-acl-static-role-based cloud-plugin-user-authenticator-pbkdf2
cloud-plugin-api-discovery cloud-plugin-user-authenticator-plaintext
cloud-plugin-api-limit-account-based cloud-plugin-user-authenticator-saml2
cloud-plugin-api-solidfire-intg-test cloud-plugin-user-authenticator-sha256salted
cloud-plugin-backup-dummy cloud-quickcloud
cloud-plugin-backup-networker cloud-secondary-storage
cloud-plugin-ca-rootca cloud-server
cloud-plugin-database-quota cloud-systemvm
cloud-plugin-dedicated-resources cloud-testclient
cloud-plugin-example-dns-notifier cloud-tools
cloud-plugin-explicit-dedication cloud-usage
cloud-plugin-host-affinity cloud-utils
cloud-plugin-host-allocator-random cloudstack
cloud-plugin-host-anti-affinity cloudstack-framework
cloud-plugin-hypervisor-baremetal cloudstack-plugins
cloud-plugin-hypervisor-hyperv cloudstack-service-console-proxy
cloud-plugin-hypervisor-kvm cloudstack-service-secondary-storage
cloud-plugin-hypervisor-ovm cloudstack-services
cloud-plugin-hypervisor-ovm3
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1091430837
##########
utils/src/main/java/com/cloud/utils/PasswordGenerator.java:
##########
@@ -41,6 +41,8 @@ public class PasswordGenerator {
static private char[] alphaNumeric = new char[] {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y',
'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '2', '3', '4', '5', '6', '7', '8', '9'};
+ static private char[] symbols = new char[] {'!', '#', '@', '(', '%', '^', '&', '*', '$', ')', '-', '_', '+', '=', '{', '}', '[', ']', '|', '\\', ':', ';', '"', '\'', '<', '>', '.', '?'};
Review Comment:
ok
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1746302533
> I agree with @JoaoJandre on his comment [#6861 (comment)](https://github.com/apache/cloudstack/issues/6861#issuecomment-1419337976). However, if we go with the feature, we should guide @Pavan-Nambi (if they are willing to do it) on a better approach for addressing the use case.
ok, removing it from the 4.19 milestone for now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi closed pull request #7134: password-complexity(adding special characters)
URL: https://github.com/apache/cloudstack/pull/7134
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404925645
> this is not true, I wonder where you read that. These packages are part of the project and should be build with the command above. i.e. `mvn clean install -D simulator -Pdeveloper`
ohh for `cloud-utils` when i got error i manually downloaded them .. then i didn't got error.. so that is the reason i asked idk if i did something wrong but i manually downloaded both `cloud-utils and cloud-server ` when i got the error in my first message...(the one i sent images ...)
eitherway i am retrying with the command you provided :)
thankyou!
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1087818075
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,6 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
Review Comment:
ok will do
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] boring-cyborg[bot] commented on pull request #7134: feat:password-complexity(adding special characters)
Posted by boring-cyborg.
boring-cyborg[bot] commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404633759
Congratulations on your first Pull Request and welcome to the Apache CloudStack community! If you have any issues or are unsure about any anything please check our Contribution Guide (https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md)
Here are some useful points:
- In case of a new feature add useful documentation (raise doc PR at https://github.com/apache/cloudstack-documentation)
- Be patient and persistent. It might take some time to get a review or get the final approval from the committers.
- Pay attention to the quality of your code, ensure tests are passing and your PR doesn't have conflicts.
- Please follow [ASF Code of Conduct](https://github.com/apache/.github/blob/main/.github/CODE_OF_CONDUCT.md) for all communication including (but not limited to) comments on Pull Requests, Issues, Mailing list and Slack.
- Be sure to read the [CloudStack Coding Conventions](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Coding+conventions).
Apache CloudStack is a community-driven project and together we are making it better 🚀.
In case of doubts contact the developers at:
Mailing List: dev@cloudstack.apache.org (https://cloudstack.apache.org/mailing-lists.html)
Slack: https://apachecloudstack.slack.com/
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #7134: password-complexity(adding special characters)
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404698798
@Pavan-Nambi for specific question it is all right to ask in an issue or PR related to the question. For generic questions the [maillist](mailto:dev@cloudstack.apache.org) is best.
As to your question;
- what platform are you on?
- what version of maven do you use?
- what version of javac do you use?
- what is the cmd line you issued?
- and what ever info you think might be relevant...
The cloudstack-util jar should be in your .m2/repository tree.
Also can you please paste text rather than images?
btw, this question would be an exelent example to put on the dev list ;)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1404827624
> btw, this question would be an exelent example to put on the dev list ;)
what is dev list...?😅
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1744871393
@GutoVeronezi @JoaoJandre , the last time @Pavan-Nambi returned to this was in January. Will this be harmful or can it be improved by some small changes and merged?
cc @shwstppr
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1746894527
np @Pavan-Nambi , just ping us when you need help or are done
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "kiranchavala (via GitHub)" <gi...@apache.org>.
kiranchavala commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1746752617
@Pavan-Nambi thanks for looking into it would be great , if vm password can be also customized based on these user password global settings
<img width="1115" alt="270932832-5b9cd041-3b3a-449c-8ee3-51d6f6c2851a" src="https://github.com/apache/cloudstack/assets/1401014/0ad13d2a-f90c-4c6e-9e49-e92235ee1ed8">
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
Re: [PR] password-complexity(adding special characters) [cloudstack]
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#issuecomment-1750104007
> > @GutoVeronezi @JoaoJandre , the last time @Pavan-Nambi returned to this was in January. Will this be harmful or can it be improved by some small changes and merged? cc @shwstppr
>
> @DaanHoogland I think the approach used here could cause some problems, especially the possible infinite loop that can be caused by the following block:
>
> ```java
> while (!pswd.matches(passwordComplexity)) {
> pswd= PasswordGenerator.generateRandomPassword(passwordLength);
> }
> ```
>
> I agree with @JoaoJandre on his comment [#6861 (comment)](https://github.com/apache/cloudstack/issues/6861#issuecomment-1419337976). However, if we go with the feature, we should guide @Pavan-Nambi (if they are willing to do it) on a better approach for addressing the use case.
hey can someone tell me if i am thinking this correctly?
as this gonna result in infinite loop , we have to dynamically generate password based on regex given by user through parsing it or something
which i tired but it ends up failing whenever regex gets bit complex and as regex can get really complex i am not sure how to proceed here
on same note i found some already existing java libraries [RgXGen](https://github.com/curious-odd-man/RgxGen) and [generex](https://github.com/mifmif/Generex)
which does same but i guess this does for bit more complex passwords too. but again i am not sure if its worth it to add a new library here for this.
or if there is a better way to do this , please let me know
thankyou
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1090632981
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,7 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
- static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", ".*", "Specifies the pattern for generated password", true);
Review Comment:
Ah, right, thanks @GutoVeronezi . This looks to me that any password would be allowed. If we leave it at this this behaviour should be well documented.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] JoaoJandre commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "JoaoJandre (via GitHub)" <gi...@apache.org>.
JoaoJandre commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1091030700
##########
utils/src/main/java/com/cloud/utils/PasswordGenerator.java:
##########
@@ -41,6 +41,8 @@ public class PasswordGenerator {
static private char[] alphaNumeric = new char[] {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y',
'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'j', 'k', 'm', 'n', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '2', '3', '4', '5', '6', '7', '8', '9'};
+ static private char[] symbols = new char[] {'!', '#', '@', '(', '%', '^', '&', '*', '$', ')', '-', '_', '+', '=', '{', '}', '[', ']', '|', '\\', ':', ';', '"', '\'', '<', '>', '.', '?'};
Review Comment:
You could make this variable protected, and use it in your `containsSpecialChar` test in the ´PasswordGeneratorTest´ class, this way you don't need to create a new string with all these symbols.
Furthermore if any new special symbol is added here, the test will cover it automatically as well.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "DaanHoogland (via GitHub)" <gi...@apache.org>.
DaanHoogland commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1088840762
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,7 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
- static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
Review Comment:
we could add the more complex regex to the docstring as example
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -810,7 +810,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
protected StateMachine2<State, VirtualMachine.Event, VirtualMachine> _stateMachine;
static final ConfigKey<Integer> vmPasswordLength = new ConfigKey<Integer>("Advanced", Integer.class, "vm.password.length", "6", "Specifies the length of a randomly generated password", false);
- static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", "^(?=.{6,})(?=.*[A-Z])(?=.*[a-z])(?=.*[@#%&^~.,!,?,:,;])", "Specifies the pattern for generated password", false);
+ static final ConfigKey<String> vmPasswordComplexity = new ConfigKey<String>("Advanced", String.class, "vm.password.complexity", ".*", "Specifies the pattern for generated password", true);
Review Comment:
.* is possibly more complex and possibly simpler than what is generated, this is ok though. the generated one is 6 chars with at least lower case, upper case and numeral.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] Pavan-Nambi commented on a diff in pull request #7134: password-complexity(adding special characters)
Posted by "Pavan-Nambi (via GitHub)" <gi...@apache.org>.
Pavan-Nambi commented on code in PR #7134:
URL: https://github.com/apache/cloudstack/pull/7134#discussion_r1088809071
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -1095,7 +1096,12 @@ protected Map<String, String> getConfigs() {
@Override
public String generateRandomPassword() {
final Integer passwordLength = vmPasswordLength.value();
- return PasswordGenerator.generateRandomPassword(passwordLength);
+ String pswd= PasswordGenerator.generateRandomPassword(passwordLength);
Review Comment:
i should have used regex.Pattern and regex.Matcher ? or this works? in other files i saw Pattern and Matcher being used so should i change it to like that for consistency?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org