pytest-testinfra icon indicating copy to clipboard operation
pytest-testinfra copied to clipboard
verified publisher icon pytest-dev

winrm sessions failing with complex passwords.

Open arnav-bnrj opened this issue 4 years ago • 3 comments

Firstly, apologies if this is not the correct way to do this. I am new to GitHub and haven't contributed to anything before. The code section concerned: https://github.com/pytest-dev/pytest-testinfra/blob/d40f6efff10a24c5f887dfb0caab390ef590e1a4/testinfra/backend/base.py#L208

Since it is hard-coded to look for '@' character in the host value if you were to enter a host with password: Abc@123@cdf, it fails to identify the password. Let me know if I need to provide more info on this.

Regards.

arnav-bnrj avatar Jan 22 '21 20:01 arnav-bnrj

Update: I corrected the problem by making changes to base.py file: Previously:

if '@' in name:
           user, name = name.split('@', 1)
           if ':' in user:
               user, password = user.split(':', 1)

My modification:

if '@' in name:
            user, name = name.rsplit('@', 1)
            if ':' in user:
                user, password = user.split(':', 1)

Reason: the structure is supposed to be user:password@host -- rightmost is hostname string in the list is the hostname.
Let me know if this sounds fair, although, it worked for me.

arnav-bnrj avatar Jan 22 '21 21:01 arnav-bnrj

Hi, indeed this is problematic (also with the : char). I think the correct way to handle this is to url encode these characters, and properly parse "$user:$pass@host" string with https://docs.python.org/3/library/urllib.parse.html

However I'm fine with your suggestion until someone (or I) have time to code the proper fix.

philpep avatar Jan 24 '21 22:01 philpep

Hi @philpep ,

Thanks for the quick response. I can see your approach, too. As for ":", this is quite an interesting piece as I don't expect a problem with it. This is where rsplit and split work. Assuming: username: "alpha" and password: "bet@:". The structure becomes alpha:bet@:@hostname. So, rsplit splitting from right, gets "alpha:bet@:". Then when split is applied it does split from left, as long as a username doesn't have ":", it won't split the password. And I think ":" and "@" are not allowed in the username for any system. This is possibly the quickest fix. But I expect problems with "" unless properly fixed in code. Just wanted to bring it to your attention so we can have a more awesome and improved tool! BTW, just to mention you guys are awesome! I needed to properly test it before using it in my company environment, so hopefully, I am helping the cause. :+1:

Regards, Arnav.

arnav-bnrj avatar Jan 25 '21 05:01 arnav-bnrj