Bug #26044 Login does not URL encode special characters in Agent username/password
Submitted: 2 Feb 2007 21:45 Modified: 28 Feb 2007 19:12
Reporter: Harrison Fisk Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Enterprise Monitor: Web Severity:S3 (Non-critical)
Version:1.0.1 - 1.1.0.4839 OS:Linux (Ubuntu)
Assigned to: BitRock Merlin CPU Architecture:Any

[2 Feb 2007 21:45] Harrison Fisk
Description:
When you enter a username or password that includes a URL special character, such as @ or :, then it will break the URL used by the Agent to heartbeat.

This broken URL appears in both the configuration_report.txt and also in the mysql-service-agent.ini file when you run the installer.

For example, the URL would look like:

hostname = http://agent:foo@bar@127.0.0.1:18080/merlin/heartbeat

which results in an error of:

2007-02-02 16:36:38: (critical) connection to merlin-server 'http://agent:foo@bar@127.0.0.1:18080/merlin/heartbeat'; failed: Couldn't resolve host 'bar@127.0.0.1'

If you properly URL encode the @ to %40, then it works fine:

hostname = http://agent:foo%40bar@127.0.0.1:18080/merlin/heartbeat

This bug is similar in nature to 24640, but different in location in the product.

How to repeat:
Use a password of:  foo@bar for the agent and specify it in the agent installer.

Notice the agent can not login properly due to URL problems.

Suggested fix:
Encode the neccesary characters such as +, @, /, : in the URL in both installers.
[2 Feb 2007 22:00] Andy Bang
BitRock needs to update the agent installer to do this.  However, now that we're removing this password setup from the Service Manager installer and replacing it with a GUI Setup screen the first time you access Merlin, we need to do this in the Setup screen (either Josh on the GUI side or Oldag on the server side) rather than having the installer updated.
[8 Feb 2007 18:06] Joshua Ganderson
Agent issue, assigning to Jan per Sloan's request.
[16 Feb 2007 22:02] Jan Kneschke
The installer has to apply a URL-encoding at the password and the username. If that is requiring to many changes on the installer side we have to change the configfile to split the URL into specific key-value pairs instead:

hostname = 127.0.0.1
port = 8080
username = ...
password = ...
url-path = /merlin/heartbeat

and the agent could do the encoding with ease.
[17 Feb 2007 21:29] BitRock Merlin
New agent XML file provided. The username and password are encoded in the hostname entry of merlind, but just on that one. We believe this is the desired behavior, please let us know otherwise

[mysqld]
user     = ${mysqluser}
password = ${mysqlpass}
hostname = ${mysqlhost}
port =     ${mysqlport}

[merlind]
hostname = http://${merlinuserEncoded}:${merlinpassEncoded}@${merlinhost}:${merlinport}/merlin/heartb...
[27 Feb 2007 15:26] Keith Russell
Reported as corrected in versions => 1.1.0.4839
[27 Feb 2007 15:39] Carsten Segieth
successfull tested a patch from bitRock for bug#26667 - Agent inst: unknown variables entered into agent ini file for hostname params

This will be available with the next build after 1.1.0.4839
[27 Feb 2007 17:15] Keith Russell
Reported as corrected in versions => 1.1.0.4847.
[28 Feb 2007 10:47] Carsten Segieth
tested OK with 1.1.0.4861 (tested on WinXP, but Linux tests will follow in the next hours):

test@agent / agentp@test is converted to 
hostname = http://test%40agent:agent%40test@127.0.0.1:8080/merlin/heartbeat
[28 Feb 2007 19:12] Peter Lavin
Added to changelog.