From: rmccabe@sourceware.org <rmccabe@sourceware.org>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] conga/luci cluster/form-macros cluster/validat ...
Date: 9 Feb 2007 18:32:05 -0000 [thread overview]
Message-ID: <20070209183205.13080.qmail@sourceware.org> (raw)
CVSROOT: /cvs/cluster
Module name: conga
Branch: RHEL4
Changes by: rmccabe at sourceware.org 2007-02-09 18:32:04
Modified files:
luci/cluster : form-macros validate_fence.js
luci/homebase : form-macros homebase_common.js
validate_cluster_add.js
luci/site/luci/Extensions: homebase_adapters.py
Log message:
don't let passwords get into the server's html output
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/form-macros.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.176.2.6&r2=1.176.2.7
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/cluster/validate_fence.js.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.3&r2=1.3.2.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/form-macros.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.55&r2=1.55.2.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/homebase_common.js.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.16&r2=1.16.2.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/homebase/validate_cluster_add.js.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.7&r2=1.7.2.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/luci/site/luci/Extensions/homebase_adapters.py.diff?cvsroot=cluster&only_with_tag=RHEL4&r1=1.48&r2=1.48.2.1
--- conga/luci/cluster/form-macros 2007/02/08 15:59:20 1.176.2.6
+++ conga/luci/cluster/form-macros 2007/02/09 18:32:03 1.176.2.7
@@ -275,7 +275,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: (add_cluster and add_cluster['check_certs']) and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla">
@@ -404,7 +405,7 @@
onChange="pwd0Change(this.form)"
autocomplete="off"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
@@ -1485,7 +1486,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1543,7 +1544,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1592,7 +1593,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1642,7 +1643,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -1691,7 +1692,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</table>
@@ -1739,7 +1740,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -1796,7 +1797,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1854,7 +1855,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -1903,7 +1904,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -2042,7 +2043,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
</table>
@@ -2100,7 +2101,7 @@
<input name="passwd" type="password" autocomplete="off"
tal:attributes="
disabled cur_fencedev/isShared | nothing;
- value cur_fencedev/passwd | nothing" />
+ value nothing" />
</td>
</tr>
</table>
@@ -2254,7 +2255,7 @@
<td>Password</td>
<td>
<input name="passwd" type="password" autocomplete="off"
- tal:attributes="value cur_fencedev/passwd | nothing" />
+ tal:attributes="value nothing" />
</td>
</tr>
<tr>
@@ -3567,7 +3568,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: (add_cluster and add_cluster['check_certs']) and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla"
@@ -3608,7 +3610,7 @@
autocomplete="off"
onChange="pwd0Change(this.form)"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
--- conga/luci/cluster/validate_fence.js 2007/01/25 21:03:47 1.3
+++ conga/luci/cluster/validate_fence.js 2007/02/09 18:32:03 1.3.2.1
@@ -50,6 +50,14 @@
return (null);
}
+function validate_field_passwd(form_elem) {
+ if (form_elem.disabled) {
+ clr_form_err(form_elem);
+ return (null);
+ }
+ return validate_field_str(form_elem);
+}
+
/* Very loose checking for now -- just make sure it's not blank */
function validate_field_host(form_elem) {
return (validate_field_str(form_elem));
@@ -82,7 +90,7 @@
field_validator['ipaddr'] = validate_field_host;
field_validator['hostname'] = validate_field_host;
field_validator['login'] = validate_field_str;
-field_validator['passwd'] = validate_field_str;
+field_validator['passwd'] = validate_field_passwd;
field_validator['servers'] = validate_field_str;
field_validator['cserver'] = validate_field_str;
field_validator['device'] = validate_field_str;
--- conga/luci/homebase/form-macros 2007/01/29 20:43:29 1.55
+++ conga/luci/homebase/form-macros 2007/02/09 18:32:03 1.55.2.1
@@ -373,7 +373,7 @@
tal:attributes="
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum;
- value sys/passwd | nothing" />
+ value nothing" />
</td>
<td class="systemsTable">
<img
@@ -413,7 +413,10 @@
<tfoot class="systemsTable">
<tr class="systemsTable"><td colspan="2" class="systemsTable">
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.</li>
<li class="vanilla"
tal:attributes="id python: cur_sysnum < 2 and 'allSameDiv' or ''">
<input type="checkbox" name="allSameCheckBox"
@@ -666,7 +669,7 @@
tal:attributes="
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum;
- value sys/passwd | nothing" />
+ value nothing" />
</td>
<td class="systemsTable">
@@ -707,7 +710,10 @@
<tfoot class="systemsTable">
<tr class="systemsTable"><td colspan="2" class="systemsTable">
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.</li>
<li class="vanilla"
tal:attributes="id python: cur_sysnum < 2 and 'allSameDiv' or ''"><input type="checkbox" name="allSameCheckBox" id="allSameCheckBox" onClick="allPasswdsSame(this.form);"/>Check if storage system passwords are identical.</li>
</ul>
@@ -804,7 +810,8 @@
<ul class="vanilla">
<li class="vanilla">
<input name="check_certs" type="checkbox"
- tal:attributes="checked python: add_cluster['check_certs'] and 'checked'" />
+ id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)" />
View system certificates before sending any passwords.
</li>
<li class="vanilla" id="allSameDiv">
@@ -848,7 +855,7 @@
autocomplete="off"
onChange="pwd0Change(this.form)"
tal:attributes="
- value sys/passwd | nothing;
+ value nothing;
class python: 'hbInputPass' + ('errors' in sys and ' error' or '');
id python: '__SYSTEM%d:Passwd' % cur_sysnum;
name python: '__SYSTEM%d:Passwd' % cur_sysnum" />
@@ -956,8 +963,11 @@
tal:condition="cur_sys" />
<ul class="vanilla">
- <li class="vanilla"><input name="check_certs" type="checkbox">View system certificates before sending any passwords.</li>
- <li class="vanilla"><input type="checkbox" name="allSameCheckBox" id="allSameCheckBox" onClick="allPasswdsSame(this.form);"/>Authenticate to all cluster nodes using the password provided above.</li>
+ <li class="vanilla">
+ <input name="check_certs" id="view_certs"
+ onchange="view_certs_only(this.form, this.checked)"
+ type="checkbox">View system certificates before sending any passwords.
+ </li>
</ul>
</td></tr>
</tfoot>
@@ -976,7 +986,7 @@
autocomplete="off"
id="__SYSTEM0:Passwd" name="__SYSTEM0:Passwd"
tal:attributes="
- value cur_sys/passwd | nothing" />
+ value nothing" />
</td>
<tal:block tal:condition="cur_sys">
<td class="systemsTable">
--- conga/luci/homebase/homebase_common.js 2007/01/25 21:03:47 1.16
+++ conga/luci/homebase/homebase_common.js 2007/02/09 18:32:03 1.16.2.1
@@ -132,6 +132,26 @@
return (null);
}
+function view_certs_only(form, state) {
+ var num_systems = form.numStorage.value;
+ if (!form.numStorage)
+ return (-1);
+
+ if (state) {
+ var cb = document.getElementById('allSameCheckBox');
+ if (cb && cb.checked)
+ cb.checked = false;
+ }
+
+ for (var i = 0 ; i < num_systems ; i++) {
+ var passwd = document.getElementById('__SYSTEM' + i + ':Passwd');
+ if (passwd) {
+ passwd.value = "";
+ passwd.disabled = state;
+ }
+ }
+}
+
function allPasswdsSame(form) {
var cb = document.getElementById('allSameCheckBox');
if (!cb)
@@ -252,6 +272,12 @@
var added_storage = new Array();
var num_systems = form.numStorage.value;
+ var view_certs = document.getElementById('view_certs');
+ if (view_certs)
+ view_certs = view_certs.checked;
+ else
+ view_certs = false;
+
for (var i = 0 ; i < num_systems ; i++) {
var element = document.getElementById('__SYSTEM' + i + ':Addr');
@@ -260,18 +286,31 @@
element.disabled = false;
var pwdElem = document.getElementById('__SYSTEM' + i + ':Passwd');
- if (!element.value) {
- if (pwdElem.value) {
+ if (!element.value || str_is_blank(element.value)) {
+ if (pwdElem && pwdElem.value && !str_is_blank(pwdElem.value)) {
set_form_err(element);
- if (!allSameCB.checked) {
+ if (!allSameCB || !allSameCB.checked) {
errors.push('You entered a password, but no hostname for system ' + (i + 1));
clr_form_err(pwdElem);
} else
pwdElem.value = '';
}
- clr_form_err(pwdElem);
+ if (pwdElem)
+ clr_form_err(pwdElem);
+ continue;
+ }
+
+ if (view_certs) {
+ if (pwdElem) {
+ pwdElem.value = ' ';
+ pwdElem.disabled = false;
+ }
+ added_storage.push(element.value);
+ clr_form_err(element);
continue;
- } else if (!pwdElem || !pwdElem.value) {
+ }
+
+ if (!pwdElem || !pwdElem.value) {
errors.push('No password was given for \"' + element.value + '\"');
set_form_err(pwdElem);
} else if (str_is_blank(pwdElem.value)) {
--- conga/luci/homebase/validate_cluster_add.js 2007/01/29 16:56:50 1.7
+++ conga/luci/homebase/validate_cluster_add.js 2007/02/09 18:32:03 1.7.2.1
@@ -34,13 +34,17 @@
if (error_dialog(errors))
return (-1);
- var confirm_str = '';
- if (form.addnode)
- confirm_str = 'Add ' + (added_storage.length > 1 ? 'these nodes' : 'this node') + ' to the \"' + clusterName + '\" cluster?';
- else
- confirm_str = 'Add the cluster \"' + clusterName + '\" to the Luci management interface?';
+ var view_certs = document.getElementById('view_certs');
+ if (!view_certs || !view_certs.checked) {
+ var confirm_str = '';
+ if (form.addnode)
+ confirm_str = 'Add ' + (added_storage.length > 1 ? 'these nodes' : 'this node') + ' to the \"' + clusterName + '\" cluster?';
+ else
+ confirm_str = 'Add the cluster \"' + clusterName + '\" to the Luci management interface?';
- if (confirm(confirm_str))
+ if (confirm(confirm_str))
+ form.submit();
+ } else
form.submit();
return (0);
--- conga/luci/site/luci/Extensions/homebase_adapters.py 2007/01/29 23:30:00 1.48
+++ conga/luci/site/luci/Extensions/homebase_adapters.py 2007/02/09 18:32:04 1.48.2.1
@@ -156,7 +156,7 @@
if len(sysData) < 2 or not sysData[1]:
raise Exception, 'no password'
cur_pass = sysData[1]
- cur_entry['passwd'] = cur_pass
+ cur_entry['passwd'] = ''
except:
luci_log.debug_verbose('vACI1: %s no password given')
request.SESSION.set('add_cluster_initial', cur_entry)
@@ -338,7 +338,7 @@
for i in node_list:
cur_node = { 'host': i }
if same_node_passwds:
- cur_node['passwd'] = cur_pass
+ cur_node['passwd'] = ''
add_cluster['nodes'][i] = cur_node
request.SESSION.set('add_cluster', add_cluster)
request.response.redirect('/luci/homebase/index_html?pagetype=%s' % HOMEBASE_ADD_CLUSTER)
@@ -382,7 +382,7 @@
cur_passwd = None
else:
cur_passwd = sysData[1]
- cur_system['passwd'] = cur_passwd
+ cur_system['passwd'] = ''
try:
cur_fp = request.form['__SYSTEM%dFingerprint' % i].strip()
next reply other threads:[~2007-02-09 18:32 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-02-09 18:32 rmccabe [this message]
-- strict thread matches above, loose matches on Subject: below --
2007-08-24 22:01 [Cluster-devel] conga/luci cluster/form-macros cluster/validat rmccabe
2007-08-24 21:55 rmccabe
2007-08-24 18:42 rmccabe
2007-08-24 18:40 rmccabe
2007-08-09 4:37 rmccabe
2007-08-09 4:34 rmccabe
2007-02-24 7:02 rmccabe
2007-02-16 5:29 rmccabe
2007-02-16 5:26 rmccabe
2007-02-12 23:28 rmccabe
2007-02-12 23:26 rmccabe
2007-02-09 18:30 rmccabe
2007-02-08 3:43 rmccabe
2007-02-08 2:34 rmccabe
2007-02-01 23:48 rmccabe
2007-01-25 19:55 rmccabe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070209183205.13080.qmail@sourceware.org \
--to=rmccabe@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.