From 10f27e2ff218863e1edd4ce035fc3faee651b665 Mon Sep 17 00:00:00 2001 From: ishuah Date: Thu, 19 Oct 2017 14:36:12 +0300 Subject: [PATCH] allow trailing+leading whitespace for passwords - #1717 warn users when they enter passwords with leading/trailing whitespaces Updated config_test.go, removing deprecated test case and updated TestReveal --- fs/config.go | 10 +++++++--- fs/config_read_password.go | 3 +-- fs/config_test.go | 9 +++------ 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/fs/config.go b/fs/config.go index e559d56a6..952dbaa5b 100644 --- a/fs/config.go +++ b/fs/config.go @@ -551,11 +551,15 @@ func checkPassword(password string) (string, error) { if !utf8.ValidString(password) { return "", errors.New("password contains invalid utf8 characters") } - // Remove leading+trailing whitespace - password = strings.TrimSpace(password) + // Check for leading/trailing whitespace + trimmedPassword := strings.TrimSpace(password) + // Warn user if password has leading+trailing whitespace + if len(password) != len(trimmedPassword) { + fmt.Fprintln(os.Stderr, "Your password contains leading/trailing whitespace - in previous versions of rclone this was stripped") + } // Normalize to reduce weird variations. password = norm.NFKC.String(password) - if len(password) == 0 { + if len(password) == 0 || len(trimmedPassword) == 0 { return "", errors.New("no characters in password") } return password, nil diff --git a/fs/config_read_password.go b/fs/config_read_password.go index 08892cfb3..cc1eb609d 100644 --- a/fs/config_read_password.go +++ b/fs/config_read_password.go @@ -10,7 +10,6 @@ import ( "fmt" "log" "os" - "strings" "golang.org/x/crypto/ssh/terminal" ) @@ -22,5 +21,5 @@ func ReadPassword() string { if err != nil { log.Fatalf("Failed to read password: %v", err) } - return strings.TrimSpace(string(line)) + return string(line) } diff --git a/fs/config_test.go b/fs/config_test.go index 4008fa8ad..44a20f548 100644 --- a/fs/config_test.go +++ b/fs/config_test.go @@ -107,9 +107,9 @@ func TestReveal(t *testing.T) { in string wantErr string }{ - {"YmJiYmJiYmJiYmJiYmJiYp*gcEWbAw", "base64 decode failed: illegal base64 data at input byte 22"}, - {"aGVsbG8", "input too short"}, - {"", "input too short"}, + {"YmJiYmJiYmJiYmJiYmJiYp*gcEWbAw", "base64 decode failed when revealing password - is it obscured?: illegal base64 data at input byte 22"}, + {"aGVsbG8", "input too short when revealing password - is it obscured?"}, + {"", "input too short when revealing password - is it obscured?"}, } { gotString, gotErr := Reveal(test.in) assert.Equal(t, "", gotString) @@ -203,9 +203,6 @@ func TestPassword(t *testing.T) { // Simple check of wrong passwords hashedKeyCompare(t, "mis", "match", false) - // Check that passwords match with trimmed whitespace - hashedKeyCompare(t, " abcdef \t", "abcdef", true) - // Check that passwords match after unicode normalization hashedKeyCompare(t, "ff\u0041\u030A", "ffÅ", true)