Quote arguments used for creating SNMP users.

ZEN-35103
zenoss · Oct 11, 2024 · 0b22a8c · 0b22a8c
1 parent 0de23b6
commit 0b22a8c
Showing 1 changed file with 26 additions and 23 deletions.
diff --git a/pynetsnmp/netsnmp.py b/pynetsnmp/netsnmp.py
@@ -858,29 +858,28 @@ def awaitTraps(
     def create_users(self, users):
         self._log.debug("create_users: Creating %s users.", len(users))
         for user in users:
-            if user.version == 3:
-                try:
-                    line = ""
-                    if user.engine_id:
-                        line = "-e {} ".format(user.engine_id)
-                    line += " ".join(
-                        [
-                            user.username,
-                            user.authentication_type,  # MD5 or SHA
-                            user.authentication_passphrase,
-                            user.privacy_protocol,  # DES or AES
-                            user.privacy_passphrase,
-                        ]
-                    )
-                    lib.usm_parse_create_usmUser("createUser", line)
-                    self._log.debug("create_users: created user: %s", user)
-                except Exception as e:
-                    self._log.debug(
-                        "create_users: could not create user: %s: (%s: %s)",
-                        user,
-                        e.__class__.__name__,
-                        e,
-                    )
+            if user.version != SNMP_VERSION_3:
+                continue
+            try:
+                line = ""
+                if user.engine_id:
+                    line = "-e '{}' ".format(user.engine_id)
+                line += "'{}' '{}' '{}' '{}' '{}'".format(
+                    _escape_char("'", user.username),
+                    _escape_char("'", user.authentication_type),
+                    _escape_char("'", user.authentication_passphrase),
+                    _escape_char("'", user.privacy_protocol),
+                    _escape_char("'", user.privacy_passphrase),
+                )
+                lib.usm_parse_create_usmUser("createUser", line)
+                self._log.debug("create_users: created user: %s", user)
+            except Exception as e:
+                self._log.debug(
+                    "create_users: could not create user: %s: (%s: %s)",
+                    user,
+                    e.__class__.__name__,
+                    e,
+                )
 
     def sendTrap(self, trapoid, varbinds=None):
         if "-v1" in self.cmdLineArgs:
@@ -1009,6 +1008,10 @@ def walk(self, root):
         return req.contents.reqid
 
 
+def _escape_char(char, text):
+    return text.replace(char, r"\{}".format(char))
+
+
 MAXFD = 1024
 FD_SETSIZE = MAXFD
 fdset = c_int32 * (MAXFD / 32)