Allow all Whitespace Characters as Vault Content

Disallowing line breaks (and possibly tabs) renders Chef Vaults unusable for X.509 and SSH keys (see chef#370). This commit include these character in the set of allowed characters. Signed-off-by: Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
hamarituc · May 28, 2021 · c7fdd73 · c7fdd73
1 parent c817dbc
commit c7fdd73
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 4 deletions.
diff --git a/lib/chef/knife/mixin/helper.rb b/lib/chef/knife/mixin/helper.rb
@@ -66,10 +66,10 @@ def validate_json(json)
 
       # I/P: String
       # O/P: true/false
-      # returns true if string is free of non-printable characters (escape sequences)
-      # this returns false for whitespace escape sequences as well, e.g. \n\t
+      # returns true if string is free of non-printable and whitespace characters
+      # (escape sequences)
       def printable?(string)
-        /[^[:print:]]/.match(string)
+        /[^[:graph:][:space:]]/.match(string)
       end
     end
   end

diff --git a/spec/chef/helper_spec.rb b/spec/chef/helper_spec.rb
@@ -5,6 +5,7 @@
   include ChefVault::Mixin::Helper
 
   let(:json_data) { '{"username": "root", "password": "abcabc"}' }
+  let(:json_data_whitespace) { '{"username": "root", "password": "abc\nabc\tabc"}' }
   let(:json_data_control_char) { '{"username": "root", "password": "abc\abc"}' }
   let(:buggy_json_data) { '{"username": "root", "password": "abc\abc"' }
 
@@ -20,5 +21,9 @@
     it "Not to raise error if valid data provided" do
       expect { validate_json(json_data) }.to_not raise_error
     end
+
+    it "Not to raise error if valid data with whitespace provided" do
+      expect { validate_json(json_data_whitespace) }.to_not raise_error
+    end
   end
-end
+end