Issue #6200: ipa otptoken-add with empty `key` cause internal error - freeipa

freeipa

#6200 ipa otptoken-add with empty `key` cause internal error

Closed: Fixed None Opened 7 years ago by dkupka.

Steps to reproduce:

# ipa-server-install -a Secret123 -p Secret123 -r EXAMPLE.TEST --domain example.test -U
$ echo -e "Secret123\n" | kinit admin
$ echo -e "\n\n" | ipa otptoken-add --type hotp --key --no-qrcode

Expected:
ValidationError or similar graceful fail.

Got:

ipa: ERROR: an internal error has occurred

from httpd/error_log:

[Wed Aug 10 09:15:28.074362 2016] [wsgi:error] [pid 15377] ipa: ERROR: non-public: TypeError: object of type 'NoneType' has no len()
[Wed Aug 10 09:15:28.074405 2016] [wsgi:error] [pid 15377] Traceback (most recent call last):
[Wed Aug 10 09:15:28.074409 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipaserver/rpcserver.py", line 352, in wsgi_execute
[Wed Aug 10 09:15:28.074412 2016] [wsgi:error] [pid 15377]     result = self.Command[name](*args, **options)
[Wed Aug 10 09:15:28.074415 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 449, in __call__
[Wed Aug 10 09:15:28.074417 2016] [wsgi:error] [pid 15377]     return self.__do_call(*args, **options)
[Wed Aug 10 09:15:28.074419 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 477, in __do_call
[Wed Aug 10 09:15:28.074422 2016] [wsgi:error] [pid 15377]     ret = self.run(*args, **options)
[Wed Aug 10 09:15:28.074424 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 799, in run
[Wed Aug 10 09:15:28.074426 2016] [wsgi:error] [pid 15377]     return self.execute(*args, **options)
[Wed Aug 10 09:15:28.074428 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/otptoken.py", line 281, in execute
[Wed Aug 10 09:15:28.074430 2016] [wsgi:error] [pid 15377]     return super(otptoken_add, self).execute(ipatokenuniqueid, **options)
[Wed Aug 10 09:15:28.074432 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/baseldap.py", line 1181, in execute
[Wed Aug 10 09:15:28.074435 2016] [wsgi:error] [pid 15377]     *keys, **options)
[Wed Aug 10 09:15:28.074437 2016] [wsgi:error] [pid 15377]   File "/usr/lib/python2.7/site-packages/ipaserver/plugins/otptoken.py", line 329, in pre_callback
[Wed Aug 10 09:15:28.074487 2016] [wsgi:error] [pid 15377]     args['secret'] = base64.b32encode(entry_attrs['ipatokenotpkey'] or u'')
[Wed Aug 10 09:15:28.074532 2016] [wsgi:error] [pid 15377]   File "/usr/lib64/python2.7/base64.py", line 148, in b32encode
[Wed Aug 10 09:15:28.074541 2016] [wsgi:error] [pid 15377]     quanta, leftover = divmod(len(s), 5)
[Wed Aug 10 09:15:28.074546 2016] [wsgi:error] [pid 15377] TypeError: object of type 'NoneType' has no len()
[Wed Aug 10 09:15:28.074874 2016] [wsgi:error] [pid 15377] ipa: INFO: [jsonserver_kerb] admin@EXAMPLE.TEST: otptoken_add/1(None, type=u'hotp', ipatokenotpkey=None, no_qrcode=True, version=u'2.211'): TypeError

mbasti commented 7 years ago

master:

6f9a029 Validate key in otptoken-add

Metadata Update from @dkupka:
- Issue assigned to tkrizek
- Issue set to the milestone: FreeIPA 4.4.1

7 years ago

Metadata

Assignee

tkrizek

Tags

None

Blocking

None

Depending on

None

Priority

important

Milestone

FreeIPA 4.4.1

None

affects_doc

None

source

None

knownissue

None

type

defect

blockedby

None

test_case

None

component

IPA

blocking

None

on_review

keywords

None

test_coverage

None

reviewer

None

external_tracker

None

rhbz

todo

tester

None

changelog

None

design

None

freeipa

Source Code

#6200 ipa otptoken-add with empty `key` cause internal error Closed: Fixed None Opened 7 years ago by dkupka.

Metadata

#6200 ipa otptoken-add with empty `key` cause internal error

Closed: Fixed None Opened 7 years ago by dkupka.