diff --git a/SOURCES/ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch b/SOURCES/ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch new file mode 100644 index 0000000..73bd2ba --- /dev/null +++ b/SOURCES/ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch @@ -0,0 +1,62 @@ +From 4923426fbfbe8bb2a2ebc26a3096f9e774a274f6 Mon Sep 17 00:00:00 2001 +From: Miroslav Rezanina +Date: Wed, 18 May 2022 05:23:48 -0400 +Subject: [PATCH] Add \r\n check for SSH keys in Azure (#889) + +RH-Author: Miroslav Rezanina +RH-MergeRequest: 63: Properly handle \r\n in SSH keys in Azure +RH-Commit: [1/1] decf28cd904c3a96552e954b85dfe07dc8feb84c (mrezanin/src_rhel_cloud-init) +RH-Bugzilla: 2088027 +RH-Acked-by: Amy Chen +RH-Acked-by: Eduardo Otubo +RH-Acked-by: Emanuele Giuseppe Esposito + +See https://bugs.launchpad.net/cloud-init/+bug/1910835 + +(cherry picked from commit f17f78fa9d28e62793a5f2c7109fc29eeffb0c89) +Signed-off-by: Miroslav Rezanina +--- + cloudinit/sources/DataSourceAzure.py | 3 +++ + tests/unittests/test_datasource/test_azure.py | 12 ++++++++++++ + 2 files changed, 15 insertions(+) + +diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py +index a66f023d..247284ad 100755 +--- a/cloudinit/sources/DataSourceAzure.py ++++ b/cloudinit/sources/DataSourceAzure.py +@@ -1551,6 +1551,9 @@ def _key_is_openssh_formatted(key): + """ + Validate whether or not the key is OpenSSH-formatted. + """ ++ # See https://bugs.launchpad.net/cloud-init/+bug/1910835 ++ if '\r\n' in key.strip(): ++ return False + + parser = ssh_util.AuthKeyLineParser() + try: +diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py +index f8433690..742d1faa 100644 +--- a/tests/unittests/test_datasource/test_azure.py ++++ b/tests/unittests/test_datasource/test_azure.py +@@ -1764,6 +1764,18 @@ scbus-1 on xpt0 bus 0 + self.assertEqual(ssh_keys, ["ssh-rsa key1"]) + self.assertEqual(m_parse_certificates.call_count, 0) + ++ def test_key_without_crlf_valid(self): ++ test_key = 'ssh-rsa somerandomkeystuff some comment' ++ assert True is dsaz._key_is_openssh_formatted(test_key) ++ ++ def test_key_with_crlf_invalid(self): ++ test_key = 'ssh-rsa someran\r\ndomkeystuff some comment' ++ assert False is dsaz._key_is_openssh_formatted(test_key) ++ ++ def test_key_endswith_crlf_valid(self): ++ test_key = 'ssh-rsa somerandomkeystuff some comment\r\n' ++ assert True is dsaz._key_is_openssh_formatted(test_key) ++ + @mock.patch( + 'cloudinit.sources.helpers.azure.OpenSSLManager.parse_certificates') + @mock.patch(MOCKPATH + 'get_metadata_from_imds') +-- +2.31.1 + diff --git a/SPECS/cloud-init.spec b/SPECS/cloud-init.spec index cd2c478..bfaf532 100644 --- a/SPECS/cloud-init.spec +++ b/SPECS/cloud-init.spec @@ -1,6 +1,6 @@ Name: cloud-init Version: 21.1 -Release: 19%{?dist} +Release: 19%{?dist}.1 Summary: Cloud instance init scripts License: ASL 2.0 or GPLv3 URL: http://launchpad.net/cloud-init @@ -64,6 +64,8 @@ Patch28: ci-Fix-IPv6-netmask-format-for-sysconfig-1215.patch Patch29: ci-Adding-_netdev-to-the-default-mount-configuration.patch # For bz#2036060 - [cloud-init][ESXi][RHEL-9] Failed to config static IP according to VMware Customization Config File Patch30: ci-Setting-highest-autoconnect-priority-for-network-scr.patch +# For bz#2088027 - [RHEL-9.1] SSH keys with \r\n line breaks are not properly handled on Azure [rhel-9.0.0.z] +Patch31: ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch # Source-git patches @@ -265,6 +267,11 @@ fi %config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf %changelog +* Wed May 18 2022 Miroslav Rezanina - 21.1-19.el9_0.1 +- ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch [bz#2088027] +- Resolves: bz#2088027 + ([RHEL-9.1] SSH keys with \r\n line breaks are not properly handled on Azure [rhel-9.0.0.z]) + * Fri Feb 25 2022 Miroslav Rezanina - 21.1-19 - ci-Fix-IPv6-netmask-format-for-sysconfig-1215.patch [bz#2053546] - ci-Adding-_netdev-to-the-default-mount-configuration.patch [bz#1998445]