From: Christian Ebner <c.ebner@proxmox.com>
To: Maximiliano Sandoval <m.sandoval@proxmox.com>,
pbs-devel@lists.proxmox.com
Subject: Re: [PATCH backup 1/2] fix #7054: client: remove trailing newlines from credentials
Date: Fri, 20 Feb 2026 13:05:49 +0100 [thread overview]
Message-ID: <c77ddcb7-a2c3-4cf0-b9d2-ea24c4803891@proxmox.com> (raw)
In-Reply-To: <20260220111951.280082-2-m.sandoval@proxmox.com>
no in depth review, but just a quick comment
On 2/20/26 12:19 PM, Maximiliano Sandoval wrote:
> For repositories and fingerprints we simply strip trailing whitespaces.
> For passwords, we refer to the password regex at proxmox-schema:
> `^[[:^cntrl:]]*$`, we can only strip trailing control characters without
> potentially breaking existing passwords.
>
> The encryption password is just a blob of bytes handled locally by the
> client, we cannot remove trailing whitespace here without potential
> breakage. Creation of such passwords (via
> proxmox_sys::tty::read_and_verify_password) only verifies valid utf-8
> and len >= 5.
>
> In order to prevent an allocation for credentials that do not need to be
> stripped we perform a preemptive check with str::ends_with before
> allocating.
>
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
> pbs-client/src/tools/mod.rs | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/pbs-client/src/tools/mod.rs b/pbs-client/src/tools/mod.rs
> index 7a496d14c..8dc7c2cd5 100644
> --- a/pbs-client/src/tools/mod.rs
> +++ b/pbs-client/src/tools/mod.rs
> @@ -169,6 +169,17 @@ fn get_secret_impl(env_variable: &str, credential_name: &str) -> Result<Option<S
> Ok(Some(password))
> } else if let Some(password) = get_credential(credential_name)? {
> String::from_utf8(password)
> + .map(|s| {
> + if matches!(credential_name, CRED_PBS_REPOSITORY | CRED_PBS_FINGERPRINT)
> + && s.ends_with(char::is_whitespace)
instead of doing the string allocation above and add additional checks
to avoid allocation here and below (1), why not strip before string
allocation of `password` directly?
You can use str::from_utf8 [0] and only do the full string allocation
once trailing characters are stripped.
> + {
> + s.trim_end().to_string()
> + } else if credential_name == CRED_PBS_PASSWORD && s.ends_with(char::is_control) {
(1)
> + s.trim_end_matches(char::is_control).to_string()
> + } else {
> + s
> + }
> + })
> .map(Option::Some)
> .map_err(|_err| format_err!("credential {credential_name} is not utf8 encoded"))
> } else {
[0] https://doc.rust-lang.org/std/primitive.str.html#method.from_utf8
next prev parent reply other threads:[~2026-02-20 12:05 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-20 11:17 [PATCH backup 0/2] " Maximiliano Sandoval
2026-02-20 11:17 ` [PATCH backup 1/2] " Maximiliano Sandoval
2026-02-20 12:05 ` Christian Ebner [this message]
2026-02-20 12:21 ` Maximiliano Sandoval
2026-02-20 12:23 ` Fabian Grünbichler
2026-02-20 11:17 ` [PATCH backup 2/2] docs: client: document further password constrains Maximiliano Sandoval
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c77ddcb7-a2c3-4cf0-b9d2-ea24c4803891@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=m.sandoval@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox