Bug 980306

Summary: Failed to delete the ssh key with name "."
Product: OpenShift Online Reporter: Tian Feng <tfeng>
Component: MasterAssignee: Lili Nader <lnader>
Status: CLOSED CURRENTRELEASE QA Contact: libra bugs <libra-bugs>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 2.xCC: ccoleman, jliggitt, mfisher, pruan, xtian
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1018642 (view as bug list) Environment:
Last Closed: 2013-10-17 13:27:06 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1018642    

Description Tian Feng 2013-07-02 03:42:20 UTC 
Description of problem:
Failed to delete a ssh key with name with "." against RESTAPI

Version-Release number of selected component (if applicable):

devenv_3434 and STG 

How reproducible:

always

Steps to Reproduce:

1.Add a ssh key with name "."
2.Delete it
3.

Actual results:

It will return to /app/console/key, and the page not found.

Expected results:

Delete it successfully.

Additional info:
Comment 1 Tian Feng 2013-07-02 05:04:57 UTC 
Also happen on REST API

client:
[sunwei@dhcp-8-229 ~]$ rhc sshkey remove .
Removing the key '. ... Password: ******
The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall).
Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
[sunwei@dhcp-8-229 ~]$ rhc sshkey remove . -d
DEBUG: Using config file /home/sunwei/.openshift/express.conf
Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Basic
DEBUG: Connecting to https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api
DEBUG: Deleting key '.'
DEBUG: Finding key .
DEBUG: Getting user info
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api
DEBUG: SSL Verification failed -- Using self signed cert
DEBUG:    code 200 1111 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5
Password: *
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user
DEBUG:    code 200 1066 ms
DEBUG: Getting all keys for user wsun+3
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys
DEBUG:    code 200  550 ms
DEBUG: Deleting key .
DEBUG: Request DELETE https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
DEBUG:    code 404  279 ms
DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE "
The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall).
Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
Comment 2 Jordan Liggitt 2013-07-02 12:43:22 UTC 
The links generated for a key whose name is "." are incorrect.

The '.' needs to be encoded, or it will be normalized to point to the parent path segment, like this:

    "DELETE": {
        "href": "https://openshift.redhat.com/broker/rest/user/keys/",
        "method": "DELETE",
        "optional_params": [ ],
        "rel": "Delete SSH key",
        "required_params": [ ]
    }


A similar issue probably exists for a key named ".."
Comment 3 Lili Nader 2013-10-02 01:52:23 UTC 
Added code to prevent keys with names starting with "."

https://github.com/openshift/origin-server/pull/3757

There isn't much that can be done for any existing keys that start with "." other than a manual delete by OPS team.
Comment 4 Clayton Coleman 2013-10-02 20:08:11 UTC 
How many users have keys of this form?
Comment 5 Clayton Coleman 2013-10-02 20:11:19 UTC 
Also - why is starting with '.' important?  This bug sounds like it's more about '.' and '..', not keys of the form '.<something>'.  Being more restrictive doesn't help much here.
Comment 6 openshift-github-bot 2013-10-03 00:41:48 UTC 
Commit pushed to master at https://github.com/openshift/origin-server

https://github.com/openshift/origin-server/commit/8bef57b441cd60187cbcbeea219c7a7045140b6b
Bug 980306
Comment 7 Peter Ruan 2013-10-03 07:05:23 UTC 
tested with devenv_3854, still fail to delete the sshkey named '.'

[peter@unused-16-138 <DEV> ~]# rhc sshkey delete . -d
DEBUG: Using config file /home/peter/.openshift/express.conf
Warning: This command is deprecated. Please use 'rhc sshkey-remove' instead.

Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Token
DEBUG: Connecting to https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG: Deleting key '.'
DEBUG: Finding key .
DEBUG: Getting user info
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Using token authentication
DEBUG: Created new httpclient
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG: SSL Verification failed -- Using self signed cert
DEBUG:    code 200  603 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG:    code 200  142 ms
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user
DEBUG:    code 200  214 ms
DEBUG: Getting all keys for user pruan
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys
DEBUG:    code 200  138 ms
DEBUG: Deleting key .
DEBUG: Using token authentication
DEBUG: Request DELETE https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/
DEBUG:    code 404  137 ms
DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE "

The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or
firewall). Please verify that you can access the OpenShift server https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/
Comment 8 Lili Nader 2013-10-03 16:05:36 UTC 
Please see comment 3 - Existing keys starting with . cannot be deleted though the API
Comment 9 Peter Ruan 2013-10-03 16:09:33 UTC 
When I tested it, I added the sshkey from scratch so it's not existing...looks like the code to prevent user from added '.' as the key name is not being hit.
Comment 10 Peter Ruan 2013-10-03 19:17:43 UTC 
verfiied with devenv_3958

[peter@unused-16-138 <DEV> .openshift]# rhc sshkey add . ~/.ssh/id_rsa.pub.old 
Invalid key name. Name cannot start with "."
[peter@unused-16-138 <DEV> .openshift]#