[Freeipa-devel] [PATCH] 0003 Validate key in otptoken-add
Jan Cholasta
jcholast at redhat.com
Tue Aug 23 09:53:02 UTC 2016
On 22.8.2016 19:08, Tomas Krizek wrote:
> I've attached the updated patch. Hopefully I didn't forget anything else
> this time.
>
>
> On 08/22/2016 05:48 PM, Martin Basti wrote:
>>
>> On 22.08.2016 10:22, Tomas Krizek wrote:
>>>
>>> Seems like a good idea, I'm attaching the updated patch. Autofill
>>> does work when the param is required.
>>>
>>>
>>> On 08/19/2016 04:19 PM, Martin Basti wrote:
>>>>
>>>>
>>>>
>>>> On 16.08.2016 17:35, Tomas Krizek wrote:
>>>>> Hi,
>>>>>
>>>>> the attached patch fixes an error message when user provides an
>>>>> empty key while adding otp token.
>>>>>
>>>>> https://fedorahosted.org/freeipa/ticket/6200
>>>>>
>>>>>
>>>>>
>>>>
>>>> I'm curious why we don't fix it here:
>>>>
>>>> OTPTokenKey('ipatokenotpkey?',
>>>> cli_name='key',
>>>> label=_('Key'),
>>>> doc=_('Token secret (Base32; default: random)'),
>>>> default_from=lambda: os.urandom(KEY_LENGTH),
>>>> autofill=True,
>>>> flags=('no_display', 'no_update', 'no_search'),
>>>> ),
>>>>
>>>>
>>>> If OTPTokenKey is mandratory, it should be required param (autofill
>>>> should work in this case too)
>>>>
>>>> Martin^2
>>>
>>> --
>>> Tomas Krizek
>>
>> You changed API, you must regenerate API.txt (./makeapi) and increment
>> minor version in VERSION file
>>
>> Option 'ipatokenotpkey?' in command 'otptoken_add/1' in API file not found
>> Options count in otptoken_add of 22 doesn't match expected: 23
>> Option ipatokenotpkey of command otptoken_add in ipalib, not in API file:
>> OTPTokenKey('ipatokenotpkey', autofill=True, cli_name='key')
NACK, this is a backward incompatible change.
AFAICT the option should remain optional, see the doc string:
Token secret (Base32; default: random)
^^^^^^^^^^^^^^^
--
Jan Cholasta
More information about the Freeipa-devel
mailing list