Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-3969

Shell interactive password prompt can't handle spaces

XMLWordPrintableJSON

    • Type: Icon: Bug Bug
    • Resolution: Done
    • Priority: Icon: Minor - P4 Minor - P4
    • 2.0.7, 2.1.0
    • Affects Version/s: 2.0.0
    • Component/s: Shell
    • None
    • Environment:
      mongodb-10gen 2.0.0 on Ubuntu 10.04
    • ALL

      The shell's interactive password prompt does not appear to be able to handle passwords with spaces in them.

      Consider a system with two users, dude1 with password "foo bar" and dude2 with password "foobar".

      MongoDB shell version: 2.0.0
Enter password: 
connecting to: admin
> db.addUser('dude1', 'foo bar')
{ "n" : 0, "connectionId" : 11, "err" : null, "ok" : 1 }
{
	"user" : "dude1",
	"readOnly" : false,
	"pwd" : "674962411d339872a613f5d22ba79650",
	"_id" : ObjectId("4e837ef0e495089ea6ace847")
}
> db.addUser('dude2', 'foobar')
{ "n" : 0, "connectionId" : 11, "err" : null, "ok" : 1 }
{
	"user" : "dude2",
	"readOnly" : false,
	"pwd" : "db3de9644903e3376f81808af7e4b05a",
	"_id" : ObjectId("4e837ef7e495089ea6ace848")
}
> 
bye

      Passing the password on the command line works fine.

      $ mongo -u dude1 --password='foo bar' admin
MongoDB shell version: 2.0.0
connecting to: admin
> 
bye

      But prompting interactively is a different story.

      $ echo 'foo bar' | mongo -u dude1 -p admin
MongoDB shell version: 2.0.0
Enter password: 
connecting to: admin
Wed Sep 28 16:10:31 uncaught exception: login failed
exception: login failed

$ echo 'foobar' | mongo -u dude2 -p admin
MongoDB shell version: 2.0.0
Enter password: 
connecting to: admin
bye

      In fact, if the string before the first space is the correct password, the subsequent text may be processed as a command.

      $ echo 'foobar WHAT' | mongo --verbose -u dude2 -p admin
MongoDB shell version: 2.0.0
Wed Sep 28 16:23:45 versionCmpTest passed
Wed Sep 28 16:23:45 versionArrayTest passed
Enter password: 
connecting to: admin
Wed Sep 28 16:23:45 creating new connection to:127.0.0.1
Wed Sep 28 16:23:45 BackgroundJob starting: ConnectBG
Wed Sep 28 16:23:45 connected connection!
Wed Sep 28 16:23:45 ReferenceError: WHAT is not defined (shell):1
bye

$ echo 'foobar db.system.users.find({user:"dude1"})' | mongo -u dude2 -p admin
MongoDB shell version: 2.0.0
Enter password: 
connecting to: admin
{ "_id" : ObjectId("4e837ef0e495089ea6ace847"), "user" : "dude1", "readOnly" : false, "pwd" : "674962411d339872a613f5d22ba79650" }
bye

      Maybe there's a bug in util/password.cpp:askPassword?

            Assignee:
            tad Tad Marshall
            Reporter:
            abrody Andy Brody
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: