#4866 closed defect (fixed)
Bug when handling slashes in DB passwords
| Reported by: | Owned by: | Matthew Good | |
|---|---|---|---|
| Priority: | low | Milestone: | 0.10.4 |
| Component: | admin/console | Version: | 0.10.3 |
| Severity: | normal | Keywords: | _parse_db_string documentation |
| Cc: | Branch: | ||
| Release Notes: | |||
| API Changes: | |||
| Internal Changes: | |||
Description
When trying to initialize a new Trac environment with trac-admin and a password containing slashes ('/'), then trac.db.api._parse_db_str(db_str) parses the password up to the first slash as the DB port, which in turn generates a parse error like in the following example (where the DB password starts with "1X2/").
If this is not recognized as a bug but as poor password selection, then this password constraint should at least be mentioned in the Trac install guide.
Creating and Initializing Project
Failed to create environment. invalid literal for int(): 1X2
Traceback (most recent call last):
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/scripts/admin.py", line 613, in do_initenv
options=options)
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/env.py", line 124, in __init__
self.create(options)
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/env.py", line 229, in create
DatabaseManager(self).init_db()
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/db/api.py", line 68, in init_db
connector, args = self._get_connector()
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/db/api.py", line 84, in _get_connector
scheme, args = _parse_db_str(self.connection_uri)
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/db/api.py", line 146, in _parse_db_str
port = int(port)
ValueError: invalid literal for int(): 1X2
Failed to initialize environment. 1
Traceback (most recent call last):
File "/projects/skillmap/usr/trac-0.10.3/lib/python2.4/site-packages/trac/scripts/admin.py", line 617, in do_initenv
sys.exit(1)
SystemExit: 1
Attachments (0)
Change History (6)
comment:1 by , 18 years ago
| Keywords: | documentation added |
|---|---|
| Milestone: | → 0.10.4 |
comment:2 by , 18 years ago
| Milestone: | 0.10.4 → 0.12 |
|---|
As a second look, it seems possible to modify the parsing in order to accept such passwords.
This is not high prio though.
comment:3 by , 18 years ago
(and the current limitation is now documented in TracEnvironment#DatabaseConnectionStrings)
comment:4 by , 18 years ago
| Milestone: | 0.12 → 0.11 |
|---|---|
| Owner: | changed from to |
| Status: | new → assigned |
The URL spec requires ':', '@' or '/' in the username or password to be quoted. This is simple enough to fix.
Well, yes, given you can have multiple "/" later on, better keep the db: URLs parsing simple and explicitly mention this limitation in the doc.