Mariusz Felisiak
009fddc96b
Refs #32061 -- Fixed test_crash_password_does_not_leak() crash on Windows.
...
When env is passed to subprocess.run() we should pass all existing
environment variables. This fixes crash on Windows:
Fatal Python error: failed to get random numbers to initialize Python
Fatal Python error: _Py_HashRandomization_Init: failed to get random
numbers to initialize Python
Python runtime state: preinitialized
2020-11-03 11:38:40 +01:00
Simon Charette
384ac0990f
Refs #32061 -- Prevented password leak on MySQL dbshell crash.
...
The usage of the --password flag when invoking the mysql CLI has the
potential of exposing the password in plain text if the command happens
to crash due to the inclusion of args provided to
subprocess.run(check=True) in the string representation of the
subprocess.CalledProcessError exception raised on non-zero return code.
Since this has the potential of leaking the password to logging
facilities configured to capture crashes (e.g. sys.excepthook, Sentry)
it's safer to rely on the MYSQL_PWD environment variable instead even
if its usage is discouraged due to potential leak through the ps
command on old flavors of Unix.
Thanks Charlie Denton for reporting the issue to the security team.
Refs #24999 .
2020-10-30 10:12:52 +01:00
Simon Charette
eb25fdb620
Refs #32061 -- Added test for dbshell password leak on PostgreSQL.
2020-10-30 10:12:47 +01:00
Simon Charette
bbe6fbb876
Refs #32061 -- Unified DatabaseClient.runshell() in db backends.
2020-10-29 22:22:58 +01:00
manav014
af87574a3c
Fixed #6517 -- Made dbshell use charset option on MySQL.
...
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-10-17 12:24:36 +02:00
Hasan Ramezani
9e8edc1e55
Fixed #31491 -- Allowed 'password' option in DATABASES['OPTIONS'] on MySQL.
2020-06-12 12:07:43 +02:00
Adam Johnson
5b884d45ac
Fixed #29501 -- Allowed dbshell to pass options to underlying tool.
2020-04-14 14:02:51 +01:00
Mariusz Felisiak
8189976663
Refs #29501 -- Added test for missing dbshell executable.
2020-04-14 13:22:46 +02:00
Zeynel Özdemir
9d40b6bbf4
Fixed #31076 -- Fixed dbshell crash on Windows with Python < 3.8.
...
subprocess.run()'s args parameter accepts path-like objects on Windows
since Python 3.8.
2019-12-16 11:20:41 +01:00
Mariusz Felisiak
92c72b68b7
Fixed broken OracleDbshellTests tests after 9386586f31
.
2019-08-23 21:25:21 +02:00
Claude Paroz
9386586f31
Replaced subprocess commands by run() wherever possible.
2019-08-23 10:53:36 +02:00
Min ho Kim
9f11939dd1
Fixed typos in comments and a test name.
2019-07-19 18:24:06 +02:00
Oleh Mykytiuk
177fa08339
Fixed #30370 -- Added dbshell support for client TLS certificates on PostgreSQL.
2019-04-18 08:10:31 +02:00
Daniel Bowring
cf826c9a91
Fixed #30173 -- Simplified db.backends.postgresql.client.
2019-02-13 17:12:02 -05:00
Tim Graham
ddb2936852
Refs #25175 -- Renamed test file referencing the old postgresql_psycopg2 engine.
2019-02-13 17:11:33 -05:00
Jon Dufresne
7e3bf2662b
Removed default mode='r' argument from calls to open().
2019-01-27 17:41:43 -05:00
Mariusz Felisiak
c6525bea9e
Fixed #29534 -- Made dbshell use rlwrap on Oracle if available.
2018-10-25 19:39:42 -04:00
luz.paz
97e637a87f
Fixed typos in comments and docs.
2018-08-01 16:09:22 -04:00
Paul Tiplady
335a8d7895
Fixed #28322 -- Added dbshell support for MySQL client TLS certs.
2017-06-19 18:11:25 -04:00
Chris Sinchok
66150f7cf6
Fixed #27954 -- Allowed keyboard interrupt to abort queries in PostgreSQL dbshell.
...
Thanks Tim Martin for review.
2017-04-01 21:01:08 -04:00
Tim Graham
7aba69145d
Refs #23919 -- Removed django.test.mock Python 2 compatibility shim.
2017-01-20 08:17:20 -05:00
Claude Paroz
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
mieciu
19ff506878
Fixed #26698 -- Fixed PostgreSQL dbshell crash on an empty database name.
2016-06-03 12:30:21 -04:00
Caio Ariede
ec9004728e
Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql.
2015-08-07 09:33:17 -04:00
Tim Graham
6bd8462380
Refs #23658 -- Fixed dbshell tests on Windows.
2015-07-06 16:17:56 -04:00
Tim Graham
b535eb3fcb
Refs #23658 -- Fixed unclosed file in dbshell tests.
2015-07-01 13:45:02 -04:00
Jean-Michel Vourgère
b64c0d4d61
Fixed #23658 -- Provided the password to PostgreSQL dbshell command
...
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
2015-06-30 18:21:51 -04:00
Tim Graham
1e63652e44
Renamed MySQL-specific dbshell test file.
2015-06-27 16:22:11 -04:00
zsoldosp
01801edd37
Fixed #22646 : Added support for the MySQL ssl-ca option to dbshell.
2014-08-13 18:29:42 -04:00