Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not double encrypt a protected password dialog text field #18031

Merged
merged 1 commit into from
Sep 28, 2018
Merged

Do not double encrypt a protected password dialog text field #18031

merged 1 commit into from
Sep 28, 2018

Conversation

eclarizio
Copy link
Member

When passing in an already encrypted value to a protected field in some back end methods, there was an issue where it would encrypt it again. Whoops.

Related to https://bugzilla.redhat.com/show_bug.cgi?id=1602883

@miq-bot assign @gmcculloug

/cc @mkanoor

@eclarizio eclarizio changed the title Do not double encrypt a protected password field Do not double encrypt a protected password dialog text field Sep 27, 2018
@gmcculloug gmcculloug requested a review from lfu September 27, 2018 22:04
@mkanoor
Copy link
Contributor

mkanoor commented Sep 28, 2018

@lfu Please review this is needed for your BZ to prevent double encryption

gmcculloug
gmcculloug reviewed Sep 28, 2018
View reviewed changes
app/models/dialog_field_text_box.rb Outdated
@@ -31,7 +31,7 @@ def value_from_dialog_fields(dialog_values)

def automate_output_value
return nil if @value.nil?
return MiqPassword.encrypt(@value) if self.protected?
return MiqPassword.encrypt(@value) if self.protected? && value_is_not_already_encrypted?
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should use MiqPassword.encrypted? instead of creating a new method. Also, we need to use MiqPassword methods so we are protected against the encrypted string format changing in the future.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh I didn't even realize this existed, nice. Will change.

@miq-bot
Copy link
Member

miq-bot commented Sep 28, 2018

Checked commit eclarizio@2496b78 with ruby 2.3.3, rubocop 0.52.1, haml-lint 0.20.0, and yamllint 1.10.0
2 files checked, 1 offense detected

app/models/dialog_field_text_box.rb

@lfu lfu mentioned this pull request Sep 28, 2018
Merged
@gmcculloug gmcculloug merged commit 27c9fe3 into ManageIQ:master Sep 28, 2018
@gmcculloug gmcculloug added this to the Sprint 96 Ending Oct 8, 2018 milestone Sep 28, 2018
@eclarizio eclarizio mentioned this pull request Sep 28, 2018
Merged
simaishi pushed a commit that referenced this pull request Oct 1, 2018
@gmcculloug @simaishi
Merge pull request #18031 from eclarizio/BZ1602883-Related
0a94e25 
Do not double encrypt a protected password dialog text field

(cherry picked from commit 27c9fe3)

https://bugzilla.redhat.com/show_bug.cgi?id=1602883
@simaishi
Copy link
Contributor

simaishi commented Oct 1, 2018

Hammer backport details:

$ git log -1
commit 0a94e25b14fd8534e45b32518d1e841a17ef44a4
Author: Greg McCullough <[email protected]>
Date:   Fri Sep 28 12:04:02 2018 -0400

    Merge pull request #18031 from eclarizio/BZ1602883-Related
    
    Do not double encrypt a protected password dialog text field
    
    (cherry picked from commit 27c9fe355f36d372ec30ccd0eb26495421db1aa8)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1602883

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmcculloug gmcculloug gmcculloug left review comments

@mkanoor mkanoor mkanoor approved these changes

@lfu lfu Awaiting requested review from lfu

Assignees

@gmcculloug gmcculloug

Labels
bug hammer/backported
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@eclarizio @mkanoor @miq-bot @simaishi @gmcculloug