one
one copied to clipboard
OpenNebula
Restic passwords: remove quotes and sanitize
Description
Follow back to #6571.
Restic datastores store the hashed password including the quotes it had in the template file (either double or single ones). We should remove them before storing the password and sanitize the value itself to avoid needing to do it later (for example in backup creation or restore).
To Reproduce
Create a restic datastore with RESTIC_PASSWORD=abc123$# with both types of quote and without them, and compare the three resulting hashes.
Expected behavior
Hash should be the same in the three cases.
Details
- Affected Component: Storage/Backups
- Hypervisor: KVM
- Version: 6.8.3
Additional context
$ cat restic1.txt
NAME="restic-test"
TYPE="BACKUP_DS"
DS_MAD="restic"
TM_MAD="-"
RESTIC_PASSWORD="abc123$#"
RESTIC_SFTP_SERVER="192.168.150.1"\
$ cat restic2.txt
(SAME AS restic1.txt EXCEPT)
RESTIC_PASSWORD='abc123$#'
$ cat restic3.txt
(SAME AS restic1.txt EXCEPT)
RESTIC_PASSWORD=abc123$#'
$ onedatastore create restic1.txt
ID: 119
# (same with restic2/restic3)
$ onedatastore list --no-expand | grep restic-tes
119 restic-tes 83.2G 84% 0 1 bck restic - on
$ onedatastore show -x 119 | grep RESTIC_PASSWORD
<RESTIC_PASSWORD>HASH1</RESTIC_PASSWORD>\
$ onedatastore show -x 120 | grep RESTIC_PASSWORD
<RESTIC_PASSWORD>HASH2</RESTIC_PASSWORD>
$ onedatastore show -x 121 | grep RESTIC_PASSWORD
<RESTIC_PASSWORD>HASH3</RESTIC_PASSWORD>
Progress Status
- [ ] Code committed
- [ ] Testing - QA
- [ ] Documentation (Release notes - resolved issues, compatibility, known issues)
