bug: backslashes preceding numbers in passwords
Jesse Norell
jesse at kci.net
Tue Apr 5 17:19:30 CEST 2022
Hello,
In troubleshooting a client which did not work to unlock the disk at
boot, I found that passwords with a backslash preceding a number are
mishandled. Eg. here the two char sequence '\1' is converted to the
single char 001:
# KEY='test\1test\two'
# echo -e "${KEY}\n${KEY}" | mandos-keygen --password
(added output to mandos server)
# echo ${KEY} | od -c
0000000 t e s t \ 1 t e s t \ t w o \n
0000017
# /usr/lib/x86_64-linux-gnu/mandos/plugins.d/mandos-client --pubkey=/etc/keys/mandos/pubkey.txt --seckey=/etc/keys/mandos/seckey.txt --tls-pubkey=/etc/keys/mandos/tls-pubkey.pem --tls-privkey=/etc/keys/mandos/tls-privkey.pem | od -c
0000000 t e s t 001 t e s t \t w o
0000014
This is with mandos-client 1.8.14-1 on debian 11 (server is mandos
1.8.14-1~bpo10+1 on debian 10, but I think it's a client issue).
Thanks,
--
Jesse Norell
Kentec Communications, Inc.
970-522-8107 - www.kci.net
More information about the Mandos-Dev
mailing list