| Message ID | 20230711143320.255308-1-dit.kozmaj@kynetics.com |
|---|---|
| State | New |
| Headers | show |
| Series | fetch2: Set maxsplit to match expected variables | expand |
Bitbucket added a new feature that provides limited access to a specific repository using a Repository Access Tokens. This token comes in the form token-auth:key. https://support.atlassian.com/bitbucket-cloud/docs/repository-access-tokens/ https://support.atlassian.com/bitbucket-cloud/docs/using-access-tokens/#Include-the-Repository-Access-Token-in-the-URL The token can be used in the user parameter of SRC_URI as this parameter is in the form user=userid:password, and works correctly excluding the cases when the password contains a "=" symbol. The error comes from the split logic, which doesn't manage the case when the value contains the symbol "=". The proposed change guarantees that only two variables will be returned, splitted in "key" and "value" and the value can contain, especially in cases when it is a password, the "=" character. On Tue, Jul 11, 2023 at 4:33 PM <dit.kozmaj@kynetics.com> wrote: > From: Dit Kozmaj <dit.kozmaj@kynetics.com> > > Set the maxsplit value to match the expected number of variables. > This also avoids an unnecessary split as the parameters are in the form > 'key=value' > and the 'value' could contain the '=' character. > > Signed-off-by: Dit Kozmaj <dit.kozmaj@kynetics.com> > --- > bitbake/lib/bb/fetch2/__init__.py | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/bitbake/lib/bb/fetch2/__init__.py > b/bitbake/lib/bb/fetch2/__init__.py > index 3e6555bd67..79b289eaec 100644 > --- a/bitbake/lib/bb/fetch2/__init__.py > +++ b/bitbake/lib/bb/fetch2/__init__.py > @@ -388,7 +388,7 @@ def decodeurl(url): > if s: > if not '=' in s: > raise MalformedUrl(url, "The URL: '%s' is invalid: > parameter %s does not specify a value (missing '=')" % (url, s)) > - s1, s2 = s.split('=') > + s1, s2 = s.split('=', 1) > p[s1] = s2 > > return type, host, urllib.parse.unquote(path), user, pswd, p > -- > 2.25.1 > >
The change should be submitted to the bitbake-devel list. It also helps if you include everything a reviewer needs to know into the commit message. Alex On Tue, 11 Jul 2023 at 17:28, Dit Kozmaj <dit.kozmaj@kynetics.com> wrote: > > Bitbucket added a new feature that provides limited access to a specific repository using a Repository Access Tokens. This token comes in the form token-auth:key. > > https://support.atlassian.com/bitbucket-cloud/docs/repository-access-tokens/ > https://support.atlassian.com/bitbucket-cloud/docs/using-access-tokens/#Include-the-Repository-Access-Token-in-the-URL > > The token can be used in the user parameter of SRC_URI as this parameter is in the form user=userid:password, and works correctly excluding the cases when the password contains a "=" symbol. > > The error comes from the split logic, which doesn't manage the case when the value contains the symbol "=". > > The proposed change guarantees that only two variables will be returned, splitted in "key" and "value" and the value can contain, especially in cases when it is a password, the "=" character. > > > On Tue, Jul 11, 2023 at 4:33 PM <dit.kozmaj@kynetics.com> wrote: >> >> From: Dit Kozmaj <dit.kozmaj@kynetics.com> >> >> Set the maxsplit value to match the expected number of variables. >> This also avoids an unnecessary split as the parameters are in the form 'key=value' >> and the 'value' could contain the '=' character. >> >> Signed-off-by: Dit Kozmaj <dit.kozmaj@kynetics.com> >> --- >> bitbake/lib/bb/fetch2/__init__.py | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py >> index 3e6555bd67..79b289eaec 100644 >> --- a/bitbake/lib/bb/fetch2/__init__.py >> +++ b/bitbake/lib/bb/fetch2/__init__.py >> @@ -388,7 +388,7 @@ def decodeurl(url): >> if s: >> if not '=' in s: >> raise MalformedUrl(url, "The URL: '%s' is invalid: parameter %s does not specify a value (missing '=')" % (url, s)) >> - s1, s2 = s.split('=') >> + s1, s2 = s.split('=', 1) >> p[s1] = s2 >> >> return type, host, urllib.parse.unquote(path), user, pswd, p >> -- >> 2.25.1 >> > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#184143): https://lists.openembedded.org/g/openembedded-core/message/184143 > Mute This Topic: https://lists.openembedded.org/mt/100079813/1686489 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alex.kanavin@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- >
On Tue, 2023-07-11 at 18:51 +0200, Alexander Kanavin wrote: > The change should be submitted to the bitbake-devel list. It also > helps if you include everything a reviewer needs to know into the > commit message. In addition, adding a new testcase to lib/bb/tests/fetch.py so that "bitbake-selftest bb.tests.fetch" covers this would be much appreciated and increase the chances of it merging! Cheers, Richard
diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py index 3e6555bd67..79b289eaec 100644 --- a/bitbake/lib/bb/fetch2/__init__.py +++ b/bitbake/lib/bb/fetch2/__init__.py @@ -388,7 +388,7 @@ def decodeurl(url): if s: if not '=' in s: raise MalformedUrl(url, "The URL: '%s' is invalid: parameter %s does not specify a value (missing '=')" % (url, s)) - s1, s2 = s.split('=') + s1, s2 = s.split('=', 1) p[s1] = s2 return type, host, urllib.parse.unquote(path), user, pswd, p