Canonical SSO provider

Unable to delete SSH keys

Bug #1780411 reported by Jimmy Merrild Krag
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Canonical SSO provider
Fix Released
Undecided
Maximiliano Bertacchini
Launchpad itself
Fix Released
High
Colin Watson

Bug Description

I cannot delete my SSH keys.
I have marked this a security vulnerability because of the poential inability to delete a compromized SSH key.

Got no OOPS ID, but got a Sentry ID: 32a232dcb50c420cb17e2de793c7968e

Related branches

lp:~maxiberta/canonical-identity-provider/clean-ssh-key-add
Colin Watson: Approve
Diff: 48 lines (+10/-4)
2 files modified
src/webui/forms.py (+8/-2)
src/webui/tests/test_forms.py (+2/-2)
lp:~cjwatson/launchpad/delete-ssh-key-text-type
Maximiliano Bertacchini (community): Approve
Launchpad code reviewers: Pending requested
Diff: 75 lines (+37/-3)
2 files modified
lib/lp/registry/browser/tests/test_person_webservice.py (+34/-1)
lib/lp/registry/interfaces/person.py (+3/-2)
Revision history for this message
Daniel Manrique (roadmr) wrote :

UnknownLaunchpadError: <UnknownLaunchpadError code: 400 message: 'key_text: ssh-dss AAAAB3NzaC1kc3MAAACBAJle69Pl5apCOWyy/IWxOXLC7aLPRTdziK56cPNeJJ8AKPcv3cncU1lqBVqub94URnWVuTobx00wlhBPzG+y4jEWe5Q/uFu0EgUV/uZ+csoNoaMxjZNGKS5HAeJBlkTJTtlRjwTviFNJzRsHQB8kK6EqKzlCVo5ppCAGQn2wOCS/AAAAFQDKTifx6yiHMEV0Bncrv57cgA11aQAAAIA1jl3JuRNEpKafZT2LBSMvebCTjAJiX06XzaGLN5azsNMSUQQhLszQW2pU+GQ9iJ5C7nqtNeUtJyUw2oWCDyWpp7gGKoYrO9+5WU+eFamTlfff2ilJ093sKqjTx8AiSKY/VJagKpqQd+qSLv8JN9NgYXiIz0uWUtIXlslHj8juNQAAAIBDnrlBOT1pUUr3dvdyjxAbw93spWEiAuHtQSA9kKpJEbuL1LxESjcGI1Tvo83mG5BHDE2Cmmm7oZLC+PedkqUD7m7iUG6PWZbAbTKFpTNt0yGQoZOQJnw6xRwtUFKerA+zx4q3YQaIHXVUP2JCD7v++alYvF87FlNrGG2fGSXlaQ== beruic@beruic-laptop
'>

This is what SSO said. I wonder why Launchpad 400d on us? could someone with access to Launchpad logs please have a look?

Here's the timestamp from the Sentry event.
Jul 6, 2018 9:52:55 AM UTC

Changed in canonical-identity-provider:
status: New → Confirmed
Revision history for this message
Colin Watson (cjwatson) wrote :

Launchpad is just rejecting this because of parameter formatting: the key_text parameter is declared as a TextLine, so it isn't allowed to have a trailing newline.

Changed in launchpad:
status: New → Invalid
Revision history for this message
Colin Watson (cjwatson) wrote :

16:16 <cjwatson> roadmr: easy to test - while you can't actually use that method for real without SSO's privileges, you can get far enough to see parameter validation happening. try 'lp-shell production devel' and then do lp.people.addSSHKeyFromSSO(openid_identifier='test', key_text='ssh-dss\n', dry_run=True) vs. same without the \n
16:20 <cjwatson> roadmr: so I think somebody needs to look into why ClaimSSHKeyForm.clean_ssh_key's .strip() and re.sub apparently isn't happening or not being saved into the form data or whatever (maybe something needs to call .clean() on the form and isn't?)
16:20 <cjwatson> roadmr: should be easy to exercise in the test suite anyway

Revision history for this message
Maximiliano Bertacchini (maxiberta) wrote :

Note that `ClaimSSHKeyForm` is used when adding keys, while this is an issue with deletion. That said, `DeleteSSHKeyForm` gets its choices directly from LP (`get_lp_ssh_keys()`). So, I believe LP itself might have "invalid" ssh keys in its storage. Is that possible?

OTOH, I've proposed a branch with an improved cleanup for *new* ssh keys.

Maximiliano Bertacchini (maxiberta)
Changed in launchpad:
status: Invalid → New
Colin Watson (cjwatson)
Changed in launchpad:
assignee: nobody → Colin Watson (cjwatson)
importance: Undecided → High
status: New → In Progress
tags: added: api lp-registry ssh trivial
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

Fixed in stable r18743 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/18743>.

tags: added: qa-needstesting
Changed in launchpad:
status: In Progress → Fix Committed
Maximiliano Bertacchini (maxiberta)
Changed in canonical-identity-provider:
status: Confirmed → Fix Committed
assignee: nobody → Maximiliano Bertacchini (maxiberta)
Maximiliano Bertacchini (maxiberta)
Changed in canonical-identity-provider:
status: Fix Committed → Fix Released
Revision history for this message
Jimmy Merrild Krag (beruic) wrote :

I have just tried to delete a key on https://login.launchpad.net/ssh-keys, but still get an error.

Revision history for this message
Colin Watson (cjwatson) wrote :

Jimmy, we haven't deployed the Launchpad side of this fix yet. You'll see the Launchpad bug task change to "Fix Released" once we have.

tags: added: qa-ok
removed: qa-needstesting
Revision history for this message
Jimmy Merrild Krag (beruic) wrote :

Sorry. Misread that one :)

Revision history for this message
Colin Watson (cjwatson) wrote :

This should work now. Please test and let us know either way; if it still doesn't work, we'll need to investigate further.

Changed in launchpad:
status: Fix Committed → Fix Released
Revision history for this message
Jimmy Merrild Krag (beruic) wrote :

Sorry it took so long, but the result is that it worked! I could finally delete my old unsafe public key :)

Colin Watson (cjwatson)
information type: Private Security → Public Security
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.