Bug 980306 - Failed to delete the ssh key with name "."
Failed to delete the ssh key with name "."
Status: CLOSED CURRENTRELEASE
Product: OpenShift Online
Classification: Red Hat
Component: REST API (Show other bugs)
2.x
Unspecified Unspecified
unspecified Severity medium
: ---
: ---
Assigned To: Lili Nader
libra bugs
:
Depends On:
Blocks: 1018642
  Show dependency treegraph
 
Reported: 2013-07-01 23:42 EDT by Tian Feng
Modified: 2015-05-14 20:55 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1018642 (view as bug list)
Environment:
Last Closed: 2013-10-17 09:27:06 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tian Feng 2013-07-01 23:42:20 EDT
Description of problem:
Failed to delete a ssh key with name with "." against RESTAPI

Version-Release number of selected component (if applicable):

devenv_3434 and STG 

How reproducible:

always

Steps to Reproduce:

1.Add a ssh key with name "."
2.Delete it
3.

Actual results:

It will return to /app/console/key, and the page not found.

Expected results:

Delete it successfully.

Additional info:
Comment 1 Tian Feng 2013-07-02 01:04:57 EDT
Also happen on REST API

client:
[sunwei@dhcp-8-229 ~]$ rhc sshkey remove .
Removing the key '. ... Password: ******
The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall).
Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
[sunwei@dhcp-8-229 ~]$ rhc sshkey remove . -d
DEBUG: Using config file /home/sunwei/.openshift/express.conf
Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Basic
DEBUG: Connecting to https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api
DEBUG: Deleting key '.'
DEBUG: Finding key .
DEBUG: Getting user info
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/api
DEBUG: SSL Verification failed -- Using self signed cert
DEBUG:    code 200 1111 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5
Password: *
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user
DEBUG:    code 200 1066 ms
DEBUG: Getting all keys for user wsun+3@redhat.com
DEBUG: Request GET https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys
DEBUG:    code 200  550 ms
DEBUG: Deleting key .
DEBUG: Request DELETE https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
DEBUG:    code 404  279 ms
DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE "
The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or firewall).
Please verify that you can access the OpenShift server https://ec2-67-202-36-189.compute-1.amazonaws.com/broker/rest/user/keys/
Comment 2 Jordan Liggitt 2013-07-02 08:43:22 EDT
The links generated for a key whose name is "." are incorrect.

The '.' needs to be encoded, or it will be normalized to point to the parent path segment, like this:

    "DELETE": {
        "href": "https://openshift.redhat.com/broker/rest/user/keys/",
        "method": "DELETE",
        "optional_params": [ ],
        "rel": "Delete SSH key",
        "required_params": [ ]
    }


A similar issue probably exists for a key named ".."
Comment 3 Lili Nader 2013-10-01 21:52:23 EDT
Added code to prevent keys with names starting with "."

https://github.com/openshift/origin-server/pull/3757

There isn't much that can be done for any existing keys that start with "." other than a manual delete by OPS team.
Comment 4 Clayton Coleman 2013-10-02 16:08:11 EDT
How many users have keys of this form?
Comment 5 Clayton Coleman 2013-10-02 16:11:19 EDT
Also - why is starting with '.' important?  This bug sounds like it's more about '.' and '..', not keys of the form '.<something>'.  Being more restrictive doesn't help much here.
Comment 7 Peter Ruan 2013-10-03 03:05:23 EDT
tested with devenv_3854, still fail to delete the sshkey named '.'

[peter@unused-16-138 <DEV> ~]# rhc sshkey delete . -d
DEBUG: Using config file /home/peter/.openshift/express.conf
Warning: This command is deprecated. Please use 'rhc sshkey-remove' instead.

Removing the key '. ... DEBUG: Authenticating with RHC::Auth::Token
DEBUG: Connecting to https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG: Deleting key '.'
DEBUG: Finding key .
DEBUG: Getting user info
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Using token authentication
DEBUG: Created new httpclient
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG: SSL Verification failed -- Using self signed cert
DEBUG:    code 200  603 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/api
DEBUG:    code 200  142 ms
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user
DEBUG:    code 200  214 ms
DEBUG: Getting all keys for user pruan@redhat.com
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys
DEBUG:    code 200  138 ms
DEBUG: Deleting key .
DEBUG: Using token authentication
DEBUG: Request DELETE https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/
DEBUG:    code 404  137 ms
DEBUG: Response did not include a message from server: invalid character at "<!DOCTYPE "

The server did not respond correctly. This may be an issue with the server configuration or with your connection to the server (such as a Web proxy or
firewall). Please verify that you can access the OpenShift server https://ec2-54-224-126-19.compute-1.amazonaws.com/broker/rest/user/keys/
Comment 8 Lili Nader 2013-10-03 12:05:36 EDT
Please see comment 3 - Existing keys starting with . cannot be deleted though the API
Comment 9 Peter Ruan 2013-10-03 12:09:33 EDT
When I tested it, I added the sshkey from scratch so it's not existing...looks like the code to prevent user from added '.' as the key name is not being hit.
Comment 10 Peter Ruan 2013-10-03 15:17:43 EDT
verfiied with devenv_3958

[peter@unused-16-138 <DEV> .openshift]# rhc sshkey add . ~/.ssh/id_rsa.pub.old 
Invalid key name. Name cannot start with "."
[peter@unused-16-138 <DEV> .openshift]#

Note You need to log in before you can comment on or make changes to this bug.