[Nut-upsuser] nut-monitor: Set password on [cyberpower at localhost] failed - got [ERR INVALID-ARGUMENT]

Jim Klimov jimklimov+nut at gmail.com
Mon Jan 2 12:10:45 GMT 2023 

> Surely if the password is say "!@#"!@*&" then all 10 characters are part
of the password.  It is not for NUT to guess.

So I've run some experiments... and it seems to work as I OTOH-described
earlier.

In the new NIT tests, there are methods for `upsmon` configuration to be
created but it is not tested yet. Passwords for upsmon roles are used from
API clients however (Python, C++) and they succeed whether it is enclosed
in double-quotes or not in the `upsd.users` file.

In a live setup, identical password strings with or without doublequotes
worked for `upsmon.conf` and `upsd.conf`, also if only one is quoted.

Escaped doublequotes inside a password also worked, e.g. pass\"word or
"pass\"word"; however spaces (escaped or hidden in doublequotes) did not
work since the NUT protocol did not allow for that extra token on assumed
request line => ERR INVALID-ARGUMENT.

Then it gets a bit complicated for "invalid" spellings:
* upsd.users may define a pass"word (one unescaped quote in the middle) but
upsmon.conf must have it properly quoted and escaped as "pass\"word"
(otherwise it is a very long token I guess, and the MONITOR role is
defaulted as a secondary since the requested primary role is not parsed as
such).
* upsd.users may define a "pass"word" (three unescaped quotes) but
effectively the token is cut at the second quote, rest being ignored for
this line - so upsmon.conf must use it as "pass".

Similar effects are in place for `upsd.users` entries without an upsmon
role - quotes around work, unescaped quotes in the middle like pass"word do
not, escaped quotes in the middle do work, spaces cause ERR
PASSWORD-REQUIRED.

So passwords with spaces may be a problem, but otherwise everything seems
correct and predictable ;)

Hope this helps,
Jim Klimov

On Thu, Dec 29, 2022 at 9:11 PM Roger Price <roger at rogerprice.org> wrote:

> On Thu, 29 Dec 2022, Jim Klimov via Nut-upsuser wrote:
>
> > > Ah, dropping the ""s seems to have resolved it.
> >
> > I think parser should ignore quotes (not take them as content -
> > just treat the insides as one token) unless escaped, in both config file
> contexts.
>
> Surely if the password is say "!@#"!@*&" then all 10 characters are part
> of the
> password.  It is not for NUT to guess.
>  Roger_______________________________________________
> Nut-upsuser mailing list
> Nut-upsuser at alioth-lists.debian.net
> https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/nut-upsuser/attachments/20230102/42b0f94e/attachment.htm>

More information about the Nut-upsuser mailing list