[rancid] plus in the prompt?

Discussion:

Ed Ravin

2008-03-10 20:53:44 UTC

I'm trying to get the "X&Y Corporation" router into RANCID. Here's
what a clogin attempt to run a command looks like:

[...]
User Access Verification

Username: cisco
Password:

x+y>enable
Password:
x+y#
x+y#term length 0
x+y#
Error: TIMEOUT reached

Looks like it's the plus sign in the prompt. If I change it to "XandY"
instead of "x+y" clogin works as expected.

Why does it work for the enable and the "term length 0" command, but not
afterwards?

Austin Schutz

2008-03-11 05:22:10 UTC

Permalink

Post by Ed Ravin
Looks like it's the plus sign in the prompt. If I change it to "XandY"
instead of "x+y" clogin works as expected.
Why does it work for the enable and the "term length 0" command, but not
afterwards?

Just tossing a guess out here: expect is looking for a prompt using
a regex. The + you have in your prompt is being treated like a regex +,
so expect is looking for a string that looks like xy or xxxy, etc.
Probably best to not do that, if you can avoid it.

Austin

Jethro R Binks

2008-03-11 09:43:51 UTC

Permalink

Post by Austin Schutz

I think I am correct in saying that if you look in clogin and equivalents,
in:

proc run_commands { prompt command } {

There is code like:

# escape any parens in the prompt, such as "(enable)"
regsub -all {[)(]} $prompt {\\&} reprompt
# match cisco config mode prompts too, such as router(config-if)#,
# but catalyst does not change in this fashion.
regsub -all {^(.{1,14}).*([#>])$} $reprompt {\1([^#>\r\n]+)?[#>](\$[^)\\r\\n]+\$)?} reprompt

which on my reading seems to be escaping certain chars in reprompt so that
they aren't interpreted by expect when used later on as part of a regexp
match against input. I guess you will need to add something to escape +
characters as well, if that's what you need to use in the prompt.

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks
Computing Officer, IT Services
University Of Strathclyde, Glasgow, UK

David Luyer

2008-03-11 15:57:18 UTC

Permalink

Post by Jethro R Binks
# escape any parens in the prompt, such as "(enable)"
regsub -all {[)(]} $prompt {\\&} reprompt

could be changed to something more like:

# escape all regexp magic characters in the prompt
regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

David.

Ed Ravin

2008-03-12 15:27:06 UTC

Permalink

Post by David Luyer

Post by Jethro R Binks
# escape any parens in the prompt, such as "(enable)"
regsub -all {[)(]} $prompt {\\&} reprompt

# escape all regexp magic characters in the prompt
regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

Thank you, that works. It's the customer's router and it didn't
seem right to say "I need to change your router hostname, because,
well, ummm..."

Ed Ravin

2008-03-12 16:00:38 UTC

Permalink

Isn't the hostname + domain name used in setting up a SSH key in IOS?

And other things, like setting up LAT names for Appletalk. But IOS
accepts it and many other strange chars in the "hostname" command,
and I'm not going to argue with Cisco. In the case of the LAT name,
Cisco issues a warning and works around it.

You could always sell it as "+" isn't a valid character in a FQDN, so you
can run into trouble later with some SSH clients having trouble connecting?

I could, but I would rather wait until it actually causes a problem
and then I can give the customer a real reason why it needs to be
changed.

But, the code mod to support all possible characters in a hostname is more
likely the better way to go for cases like this.

Absolutely. This is easy to fix and will make clogin more reliable.

Austin Schutz

2008-03-13 23:56:12 UTC

Permalink

Post by Ed Ravin

Isn't the hostname + domain name used in setting up a SSH key in IOS?

You could always sell it as "+" isn't a valid character in a FQDN, so you
can run into trouble later with some SSH clients having trouble connecting?

I could, but I would rather wait until it actually causes a problem
and then I can give the customer a real reason why it needs to be
changed.

Because rancid doesn't support it works for me. I have it set up so
the name of the configured device (router.db) has to match what's in the
prompt, nicely allowing for case insensitivity. As our company has absorbed
other networks, it's been handy to force a bare minimum of organization to
get things manageable.
It has been my experience that it's just easier to have users fix
their oddities (which I non-judgementally tend to privately refer to as
stupid fu***ng bu****it) rather than deal later with the inevitable annoying
repurcussions, such as users configuring the same host to be polled twice,
incorrectly renamed hosts, etc. Some people may think the tools should allow
for every dumbass thing a user can think to do to their network, I guess I
disagree.
If they're doing stupid things like having +s in the prompt it's
most assuredly only the tip of a very large iceberg. Yeah.. but you know
that already, you're there trying to melt it. Good luck.

I guess that qualifies as a rant, sorry.

Austin

Ed Ravin

2008-03-14 00:19:48 UTC

Permalink

Post by Austin Schutz
Because rancid doesn't support it works for me. I have it set up so
the name of the configured device (router.db) has to match what's in the
prompt, nicely allowing for case insensitivity. As our company has absorbed
other networks, it's been handy to force a bare minimum of organization to
get things manageable.

But that's a customization you made to RANCID - over here, once I
patched clogin and rancid, there's been no problem. My customer's
company name has the "+" in it (love them modern Internet biz names),
so it's not like they were thinking up ways to break RANCID before
they hired us.

Post by Austin Schutz
It has been my experience that it's just easier to have users fix
their oddities (which I non-judgementally tend to privately refer to as
stupid fu***ng bu****it) rather than deal later with the inevitable annoying
repurcussions

I don't see any blowback from this - if IOS accepts the + as a valid
char in the prompt, and the router still works the way it is supposed to,
what's the problem? If we later discover that the router won't do
something it needs to do, we'll change the prompt, and I'll get an
extra email from RANCID about the change. Stil no problem.

Years ago I worked for a company that made network monitoring software.
We had a debate one day about whether we would support networks that
had more than one node with the same IP (v4) address. Apparently, thanks
to the joy of NAT, such networks exist, and we had to figure out how to
discover those nodes and tell them apart, and telling the customer to
fix their network so that they could buy our software was not an option.

Has anyone ever asked for THAT feature in RANCID?

Andrew Brennan

2008-03-12 15:34:27 UTC

Permalink

Isn't the hostname + domain name used in setting up a SSH key in IOS? You
could always sell it as "+" isn't a valid character in a FQDN, so you can
run into trouble later with some SSH clients having trouble connecting?

But, the code mod to support all possible characters in a hostname is more
likely the better way to go for cases like this.

andrew.

Post by Ed Ravin

Post by David Luyer

Post by Jethro R Binks
# escape any parens in the prompt, such as "(enable)"
regsub -all {[)(]} $prompt {\\&} reprompt

# escape all regexp magic characters in the prompt
regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

Thank you, that works. It's the customer's router and it didn't
seem right to say "I need to change your router hostname, because,
well, ummm..."
_______________________________________________
Rancid-discuss mailing list
http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss

Ed Ravin

2008-03-12 21:43:05 UTC

Permalink

Post by David Luyer

Post by Jethro R Binks
# escape any parens in the prompt, such as "(enable)"
regsub -all {[)(]} $prompt {\\&} reprompt

# escape all regexp magic characters in the prompt
regsub -all {[+*.|(){}[\]]} $prompt {\\&} reprompt

And I also needed to change the corresponding code in rancid:

- $prompt =~ s/([][}{)(\\])/\\$1/g;
+ $prompt =~ s/([][+.*}{)(\\])/\\$1/g;