eu-nebulous / gui

Mozilla Public License 2.0

Cloud provider SSH credentials double escaped #35

Closed robert-sanfeliu closed 2 weeks ago

robert-sanfeliu commented 1 month ago

In the cloud registration form, if I provide the following value in the "Key Private Key" field:

-----BEGIN RSA PRIVATE KEY-----\nMIIEogIBAAKCAQEAlEu1UYevZmtuOosEY+oiIDNLEwWnkrUvIyTfp7X/tcEmkfIE\n...

EXN middleware library reports that this message is sent to SAL:

... "privateKey":"-----BEGIN RSA PRIVATE KEY-----\\nMIIEogIBAAKCAQEAlEu1UYevZmtuOosEY+oiIDNLEwWnkrUvIyTfp7X/tcEmkfIE\\ncYtQasYrgpvyT6Ev3fJpvY6UWb2poL+zciw8Pf5362m/9Aun ....

\n characters are escaped to \\n, making the SSH key invalid.

robert-sanfeliu commented 1 month ago

I assume it is an error of the UI. If it comes from EXN middleware, please feel free to assign it to the responsible person and move it to the appropriate repo.

vkefalas-exz commented 1 month ago

Hey @robert-sanfeliu, can you provide me the resource UUID I need to replicate it? In the GUI, if the Key Private Key is already escaped '\n', it will double escape it. It must be inserted like -----BEGIN RSA PRIVATE KEY---- MIIEogIBAAKCAQEAlEu1UYevZmtuOosEY+oiIDNLEwWnkrUvIyTfp7X/tcEmkfIE....

robert-sanfeliu commented 1 month ago

That is the problem: as far as I know, the OpenSSH .pem file format has newlines in it. See a sample key generated by AWS:

test_key.txt

(I changed the extension to .txt because GitHub wouldn't allow me to upload a .pem file)

fotisp commented 1 month ago

@robert-sanfeliu, that is not what @vkefalas-exz mentions. Please check that the value that has been copied into the text field is not already escaped, meaning that we do not escape the content beforehand. Can you provide an application on CD for us to make sure?

robert-sanfeliu commented 1 month ago

Ok. Did some more testing with a fresh key from AWS and couldn't replicate the problem. I assume that the original key was wrong... Sorry for the inconvenience

robert-sanfeliu commented 1 month ago

Ok, I did more testing again and could replicate the problem.

Steps to reproduce:

  1. Take an SSH key in OpenSSH .pem file as generated by AWS. Sample: test_key.txt (I had to change the extension for GitHub to accept it)
  2. Substitute line endings with "\n" because SAL Proactive needs it, as documented.
  3. Put that key on the cloud registration form and click the "Eye" button.
  4. EXN middleware pod on NebulOuS core shows the following log:

{metaData={userId=admin}, body=[{"cloudId":"582fa17e-448e-47fe-9bd0-b95e53edc3cf","cloudProviderName":"aws-ec2","cloudType":"PUBLIC","securityGroup":"1","subnet":"1","sshCredentials":{"username":"1","keyPairName":"1","privateKey":"-----BEGIN RSA PRIVATE KEY-----\\nMIIEpAIBAAKCAQEAl6KekZZQIr6W2tgVZydumsscEsppjh4K/R0nUHH5qw76m64R\\nTXVGN4D8OYSb/iZgorRImLesmTS+ZofjlLfttBSWboiSzxGcmDDWAVBeFHS1DdEO\\nFU3AUwZHWZm5XL0zAMttItfxsD9oUe0X7qxZEm3D0mhh0JAo+5sr6RIdHbCzTd1N\\ncus20iXaAJW4gKV1Pz7ksoYIoinjN6kdy01K/GqM05Ey1IkH+WTwp4BpVYMVY6nL\\nWjkWbOGGgf5aA0LS0HNdDZEJCqn+nLq8iZh9h6qumvMD9KUAL1FIJoftm7rComUa\\nM8x1q/cXOQ6mxcWyBWPTv4Zz0rW635/NPnYTUwIDAQABAoIBAQCAntnuGBglQJDp\\nVLzi4Nm6x2oqrjLW77jWdnIwlFz4sh31C7N1hnJnBivsBgXjkF4L5OxnTfVDhy+x\\n/LYYIeOpCoWHgKU2q3OuzE3ak3cZ1tz0uU0+2NK4Ge1PnUtT1NB8bhFGqvFBVKeC\\nRqA0PVDYhu7BfPTrWjzJHxgh/NFhqn3d6Xy/zEcYQMeNeX1CFpYLeSbyLhV6hx12\\nHeAdV/UzMpFsnR1q0rNnSaIj9shbxrJC26YRUTMgRnNAaKlaaQFSrazAEj9uNV0d\\nbzUZ1w6nFJqAviRYnkm1aMx/DA5Ryz8fei4OpJe3tfgV8TxVtGh6BpNssHHGUB4/\\nGyP1jBdxAoGBAN5NOIjr8OLQUy85ieeGCJPgVqaSh26HXOIFyJjsdZFbEL8HdJle\\nBCY9PoKrxe1ZFgvF6xhtnFn2DGqrzs4pvUjVVNv6+fvNyP7AHV4W6zD9L/IkgUk6\\n9inFhSb3sioa8qyHhSiPxS+JbH8edUsIgqK0AX/uFUBHP9OW6d27SQPfAoGBAK6f\\nEqJZ5eCQGqMfYu7eSF26UFXfRz6+uQlsVB3GKwCGmJG0NWJbq6fzHMLugeduQp++\\n94NP1DB2A8LTEFfJx5P3YmezDmtbDFPpRKcoiufOr1/52DBYr70Yd9scnVEVlcQt\\nFjQwxJJGZgMGzNChyMPIRl4U75B7eNRqbFTN0z8NAoGBAMKb/Zs4Wkhlsf0MtSJ/\\nXzD92z2112Q2kmS4RXVCxGW8wDtL7pJ5EM7dHMVOVVbEf51M5dQb2R2UXihgQgqP\\n1cpWIBT4cTI0Y/pI+yysibb4X6nutVQDjw7ggQGtJEbiEoJhnXv16N0FxHrAklRe\\nneaMCSgSqH3+Ie09F31qgLAnAoGAKUyeD5/Lao0qf6IQuAYCf4htL6IbK4/YG45v\\nZotT6E/tDajdZ2He+13YU5ItTxsYzsdPqtLakIuY4B8jImAqv6gmsff7VRC3nbDx\\n98by81hCyiRBKU4QYlzDHCNsYZ0FStyO/9D47M+RmO2my0E4RnW7jszMzBMnxLVW\\n4ce8SpECgYAkfv/4Aix5LPCSkBGHkTQADKexL2Hlz58fWwkPdwrfcdRq6Qyzr02G\\nDk9l9hRNSZDCWLL0woNbXr65JvY0gMfXFvxPktekcgk5HEBzztHErpCMyC/lltWl\\nvEOL3IoJLGqd2o/soNjDzVGvIWcmjP7hGFZl+Eq/u2J5sCjzYE+cqw==\\n-----END RSA PRIVATE 
KEY-----"},"endpoint":"1","scope":{"prefix":null,"value":null},"identityVersion":"1","defaultNetwork":"1","credentials":{"user":"1","secret":"1","domain":"1"},"blacklist":null}]}

See how \n is converted to \\n

fotisp commented 1 month ago

@robert-sanfeliu OK, then this is not a valid requirement.

\n is a special character, and as such has to be escaped.

So what is happening is that this is being double escaped, once manually by yourself, and next by the cleanup process during form submission, which is very common.

The issue here is with SAL, which requires these values to be escaped in the content.

This is expected behaviour, and we will need to discuss a bit more on this one.

robert-sanfeliu commented 2 weeks ago

I confirm it is fixed
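
The escaping seen in the EXN log in this thread, reproduced as an added example (not code from the NebulOuS GUI, the EXN middleware or SAL): it shows what JSON serialization does to a key pasted with real newlines versus one where the line endings were typed as backslash + n, and one way to normalize either form back to a valid PEM block. The key body is a constructed placeholder and all function names are hypothetical.

```javascript
// Added illustration; helper names are hypothetical, not NebulOuS or SAL code.
// Constructed placeholder body, not a real key.
const HEAD = "-----BEGIN RSA PRIVATE KEY-----";
const BODY = ["Q09OU1RSVUNURUQtU0FNUExFLU5PVC1BLUtFWQ==", "QU5PVEhFUi1MSU5F"];
const TAIL = "-----END RSA PRIVATE KEY-----";

const realNewlines = [HEAD, ...BODY, TAIL].join("\n");   // .pem file pasted as-is
const typedEscapes = [HEAD, ...BODY, TAIL].join("\\n");  // line ends replaced by backslash + n

// Sender side: JSON.stringify escapes control characters and backslashes,
// so a real LF becomes \n on the wire and a typed backslash becomes \\.
function toWire(privateKey) {
  return JSON.stringify({ sshCredentials: { privateKey } });
}

// Receiver side: the value held after one JSON.parse of the wire message.
function received(wire) {
  return JSON.parse(wire).sshCredentials.privateKey;
}

// True when the value still carries literal backslash + n instead of line breaks.
function hasLiteralEscapes(value) {
  return /\\n/.test(value);
}

const PEM_RE =
  /^-----BEGIN ([A-Z0-9 ]+)-----\n(?:[A-Za-z0-9+/]+={0,2}\n)+-----END \1-----$/;

// Accept either input form, return PEM with real LF line endings,
// and reject anything that is not a single well-formed PEM block.
function normalizePem(input) {
  const pem = input
    .replace(/(?:\\r)?\\n/g, "\n") // literal backslash sequences -> LF
    .replace(/\r\n?/g, "\n")       // CRLF or CR -> LF
    .trim();
  if (!PEM_RE.test(pem)) throw new Error("not a well-formed PEM block");
  return pem;
}

console.log(toWire(realNewlines)); // one backslash before each n
console.log(toWire(typedEscapes)); // two backslashes, as in the EXN log
console.log(normalizePem(received(toWire(typedEscapes))) === realNewlines);
```

Backslash is not part of the base64 alphabet, so replacing the literal two-character sequence inside a PEM body cannot alter key material.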