Description of problem: Failed to delete a ssh key with name with "." against RESTAPI Version-Release number of selected component (if applicable): devenv_3434 and STG How reproducible: always Steps to Reproduce: 1.Add a ssh key with name "." 2.Delete it 3. Actual results: It will return to /app/console/key, and the page not found. Expected results: Delete it successfully. Additional info:
Also happen on REST API client: [sunwei@dhcp-8-229 ~]$ rhc sshkey remove . Removing the key '. ... Password: ****** The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall). Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/ [sunwei@dhcp-8-229 ~]$ rhc sshkey remove . -d DEBUG: Using config file /home/sunwei/.openshift/express.conf Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Basic DEBUG: Connecting to https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api DEBUG: Deleting key '.' DEBUG: Finding key . DEBUG: Getting user info DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5 DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api DEBUG: SSL Verification failed -- Using self signed cert DEBUG: code 200 1111 ms DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5 Password: * DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user DEBUG: code 200 1066 ms DEBUG: Getting all keys for user wsun+3 DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys DEBUG: code 200 550 ms DEBUG: Deleting key . DEBUG: Request DELETE https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/ DEBUG: code 404 279 ms DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE " The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall). Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
The links generated for a key whose name is "." are incorrect. The '.' needs to be encoded, or it will be normalized to point to the parent path segment, like this: "DELETE": { "href": "https://openshift.redhat.com/broker/rest/user/keys/", "method": "DELETE", "optional_params": [ ], "rel": "Delete SSH key", "required_params": [ ] } A similar issue probably exists for a key named ".."
Added code to prevent keys with names starting with "." https://github.com/openshift/origin-server/pull/3757 There isn't much that can be done for any existing keys that start with "." other than a manual delete by OPS team.
How many users have keys of this form?
Also - why is starting with '.' important? This bug sounds like it's more about '.' and '..', not keys of the form '.<something>'. Being more restrictive doesn't help much here.
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/8bef57b441cd60187cbcbeea219c7a7045140b6b Bug 980306
tested with devenv_3854, still fail to delete the sshkey named '.' [peter@unused-16-138 <DEV> ~]# rhc sshkey delete . -d DEBUG: Using config file /home/peter/.openshift/express.conf Warning: This command is deprecated. Please use 'rhc sshkey-remove' instead. Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Token DEBUG: Connecting to https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api DEBUG: Deleting key '.' DEBUG: Finding key . DEBUG: Getting user info DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5 DEBUG: Using token authentication DEBUG: Created new httpclient DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api DEBUG: SSL Verification failed -- Using self signed cert DEBUG: code 200 603 ms DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6 DEBUG: Using API version 1.5 DEBUG: Client API version 1.5 is not current. Refetching API DEBUG: Using token authentication DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api DEBUG: code 200 142 ms DEBUG: Using token authentication DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user DEBUG: code 200 214 ms DEBUG: Getting all keys for user pruan DEBUG: Using token authentication DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys DEBUG: code 200 138 ms DEBUG: Deleting key . DEBUG: Using token authentication DEBUG: Request DELETE https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/ DEBUG: code 404 137 ms DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE " The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall). Please verify that you can access the OpenShift server https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/
Please see comment 3 - Existing keys starting with . cannot be deleted though the API
When I tested it, I added the sshkey from scratch so it's not existing...looks like the code to prevent user from added '.' as the key name is not being hit.
verfiied with devenv_3958 [peter@unused-16-138 <DEV> .openshift]# rhc sshkey add . ~/.ssh/id_rsa.pub.old Invalid key name. Name cannot start with "." [peter@unused-16-138 <DEV> .openshift]#