Merge branch 'c9' into a9

This commit is contained in:
eabdullin 2022-05-23 09:18:20 +00:00 committed by Stepan Oksanichenko
commit 384455d3f6
2 changed files with 71 additions and 2 deletions

View File

@ -0,0 +1,62 @@
From 4923426fbfbe8bb2a2ebc26a3096f9e774a274f6 Mon Sep 17 00:00:00 2001
From: Miroslav Rezanina <mrezanin@redhat.com>
Date: Wed, 18 May 2022 05:23:48 -0400
Subject: [PATCH] Add \r\n check for SSH keys in Azure (#889)
RH-Author: Miroslav Rezanina <mrezanin@redhat.com>
RH-MergeRequest: 63: Properly handle \r\n in SSH keys in Azure
RH-Commit: [1/1] decf28cd904c3a96552e954b85dfe07dc8feb84c (mrezanin/src_rhel_cloud-init)
RH-Bugzilla: 2088027
RH-Acked-by: Amy Chen <xiachen@redhat.com>
RH-Acked-by: Eduardo Otubo <otubo@redhat.com>
RH-Acked-by: Emanuele Giuseppe Esposito <eesposit@redhat.com>
See https://bugs.launchpad.net/cloud-init/+bug/1910835
(cherry picked from commit f17f78fa9d28e62793a5f2c7109fc29eeffb0c89)
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
---
cloudinit/sources/DataSourceAzure.py | 3 +++
tests/unittests/test_datasource/test_azure.py | 12 ++++++++++++
2 files changed, 15 insertions(+)
diff --git a/cloudinit/sources/DataSourceAzure.py b/cloudinit/sources/DataSourceAzure.py
index a66f023d..247284ad 100755
--- a/cloudinit/sources/DataSourceAzure.py
+++ b/cloudinit/sources/DataSourceAzure.py
@@ -1551,6 +1551,9 @@ def _key_is_openssh_formatted(key):
"""
Validate whether or not the key is OpenSSH-formatted.
"""
+ # See https://bugs.launchpad.net/cloud-init/+bug/1910835
+ if '\r\n' in key.strip():
+ return False
parser = ssh_util.AuthKeyLineParser()
try:
diff --git a/tests/unittests/test_datasource/test_azure.py b/tests/unittests/test_datasource/test_azure.py
index f8433690..742d1faa 100644
--- a/tests/unittests/test_datasource/test_azure.py
+++ b/tests/unittests/test_datasource/test_azure.py
@@ -1764,6 +1764,18 @@ scbus-1 on xpt0 bus 0
self.assertEqual(ssh_keys, ["ssh-rsa key1"])
self.assertEqual(m_parse_certificates.call_count, 0)
+ def test_key_without_crlf_valid(self):
+ test_key = 'ssh-rsa somerandomkeystuff some comment'
+ assert True is dsaz._key_is_openssh_formatted(test_key)
+
+ def test_key_with_crlf_invalid(self):
+ test_key = 'ssh-rsa someran\r\ndomkeystuff some comment'
+ assert False is dsaz._key_is_openssh_formatted(test_key)
+
+ def test_key_endswith_crlf_valid(self):
+ test_key = 'ssh-rsa somerandomkeystuff some comment\r\n'
+ assert True is dsaz._key_is_openssh_formatted(test_key)
+
@mock.patch(
'cloudinit.sources.helpers.azure.OpenSSLManager.parse_certificates')
@mock.patch(MOCKPATH + 'get_metadata_from_imds')
--
2.31.1

View File

@ -1,6 +1,6 @@
Name: cloud-init
Version: 21.1
Release: 19%{?dist}.alma
Release: 19%{?dist}.1.alma
Summary: Cloud instance init scripts
License: ASL 2.0 or GPLv3
URL: http://launchpad.net/cloud-init
@ -64,6 +64,8 @@ Patch28: ci-Fix-IPv6-netmask-format-for-sysconfig-1215.patch
Patch29: ci-Adding-_netdev-to-the-default-mount-configuration.patch
# For bz#2036060 - [cloud-init][ESXi][RHEL-9] Failed to config static IP according to VMware Customization Config File
Patch30: ci-Setting-highest-autoconnect-priority-for-network-scr.patch
# For bz#2088027 - [RHEL-9.1] SSH keys with \r\n line breaks are not properly handled on Azure [rhel-9.0.0.z]
Patch31: ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch
# AlmaLinux patches
Patch100: cloud-init-20.3-add_almalinux.patch
@ -268,9 +270,14 @@ fi
%config(noreplace) %{_sysconfdir}/rsyslog.d/21-cloudinit.conf
%changelog
* Wed May 18 2022 Eduard Abdullin <eabdullin@almalinux.org> - 21.1-19.alma
* Mon May 23 2022 Eduard Abdullin <eabdullin@almalinux.org> - 21.1-19.el9_0.1.alma
- AlmaLinux support
* Wed May 18 2022 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-19.el9_0.1
- ci-Add-r-n-check-for-SSH-keys-in-Azure-889.patch [bz#2088027]
- Resolves: bz#2088027
([RHEL-9.1] SSH keys with \r\n line breaks are not properly handled on Azure [rhel-9.0.0.z])
* Fri Feb 25 2022 Miroslav Rezanina <mrezanin@redhat.com> - 21.1-19
- ci-Fix-IPv6-netmask-format-for-sysconfig-1215.patch [bz#2053546]
- ci-Adding-_netdev-to-the-default-mount-configuration.patch [bz#1998445]