From 31c6fa3d10d1cf19971f5e14c455b55130d60582 Mon Sep 17 00:00:00 2001 From: Liviu Chircu Date: Thu, 11 Jul 2024 17:33:14 +0300 Subject: [PATCH] DB URLs: Allow some special chars in password: '@' and '/' In the opensips-cli.cfg config file, passwords may be given in both un-escaped and escaped forms, e.g. 'opensips@rw' or 'opensips%%40rw' (the double '%%' is needed to avoid a configparser error). For STDIN-given passwords, they may also be given both un-escaped and escaped, e.g. 'opensips@rw' or 'opensips%40rw'. --- opensipscli/db.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/opensipscli/db.py b/opensipscli/db.py index 67ea46d..81f1df6 100644 --- a/opensipscli/db.py +++ b/opensipscli/db.py @@ -119,6 +119,12 @@ class osdbAccessDeniedError(osdbError): pass class DBURL(object): + @staticmethod + def escape_pass(pwd): + for sym in ('@', '/'): # special symbols accepted in password + pwd = pwd.replace(sym, '%'+hex(ord('@'))[2:]) + return pwd + def __init__(self, url): arr = url.split('://') self.drivername = arr[0].strip() @@ -144,11 +150,11 @@ def __init__(self, url): arr = url.split('@') if len(arr) > 1: # handle user + password - upass = arr[0].strip().split(':') + upass = '@'.join(arr[:-1]).strip().split(':') self.username = upass[0].strip() if len(upass) > 1: - self.password = ":".join(upass[1:]).strip() - url = arr[1].strip() + self.password = self.escape_pass(":".join(upass[1:]).strip()) + url = arr[-1].strip() else: url = arr[0].strip() @@ -942,7 +948,7 @@ def set_url_driver(url, driver): @staticmethod def set_url_password(url, password): url = make_url(url) - url.password = password + url.password = DBURL.escape_pass(password) return str(url)