nimbus-new-user doesn't support addresses with the '+' character #76

Closed
buzztroll opened this Issue Nov 16, 2011 · 4 comments

Comments

Projects
None yet
2 participants
@buzztroll
Member

buzztroll commented Nov 16, 2011

The nimbus-new-user does accept email addresses with the '+' character in the
leading portion of the username, which are perfectly legitimate email
addresses. For instance user+text@gmail.com.

When attempt to run nimbus-new-user with such an address, the following error
is triggered:

./nimbus-new-user --dest /tmp --batch --web --group=3
--report=cert,key,dn,canonical_id,access_id,access_secret,url,web_id,cloud_properties
user+text@gmail.com
Traceback (most recent call last):
File "/opt/nimbus/libexec/nimbus_new_user.py", line 420, in
rc = main()
File "/opt/nimbus/libexec/nimbus_new_user.py", line 407, in main
create_user(o, db)
File "/opt/nimbus/libexec/nimbus_new_user.py", line 340, in create_user
raise ex1
nimbusweb.setup.setuperrors.UnexpectedError: Problem creating certificate.
[<<< stderr: 'Problem creating certificate: String index out of range: -1

@buzztroll

This comment has been minimized.

Show comment
Hide comment
@buzztroll

buzztroll Nov 16, 2011

Member

This is not actually a problem with the email address, it is a problem with the common name for the cert DN. You can work around this by using the -c option and using a name without a + in it.

Member

buzztroll commented Nov 16, 2011

This is not actually a problem with the email address, it is a problem with the common name for the cert DN. You can work around this by using the -c option and using a name without a + in it.

@buzztroll

This comment has been minimized.

Show comment
Hide comment
@buzztroll

buzztroll Nov 17, 2011

Member

The bouncy castle class X509Principal will not accept a DN with a + in it, thus Nimbus cannot support this.

Member

buzztroll commented Nov 17, 2011

The bouncy castle class X509Principal will not accept a DN with a + in it, thus Nimbus cannot support this.

@buzztroll buzztroll closed this Nov 17, 2011

@victor73

This comment has been minimized.

Show comment
Hide comment
@victor73

victor73 Nov 17, 2011

Very well, if such an email address is attempted, can the error message indicate something along those lines then?

Very well, if such an email address is attempted, can the error message indicate something along those lines then?

@buzztroll

This comment has been minimized.

Show comment
Hide comment
@buzztroll

buzztroll Nov 17, 2011

Member

That seems reasonable. I will open this back up.

Member

buzztroll commented Nov 17, 2011

That seems reasonable. I will open this back up.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment