You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@libcloud.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2014/12/30 22:13:13 UTC

[jira] [Commented] (LIBCLOUD-610) GCE Driver with bad private key path generates unintuitive error message

    [ https://issues.apache.org/jira/browse/LIBCLOUD-610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14261502#comment-14261502 ] 

ASF GitHub Bot commented on LIBCLOUD-610:
-----------------------------------------

GitHub user erjohnso opened a pull request:

    https://github.com/apache/libcloud/pull/424

    [LIBCLOUD-610] gce: better error message for missing key file

    This small fix addresses feedback in https://issues.apache.org/jira/browse/LIBCLOUD-610. A check is introduced for the existence and readability of the private key file before passing it on to pycrypto.  If the check fails, the user is notified that the private key file is not present or readable.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/erjohnso/libcloud LIBCLOUD-610_gce_keyfile_check

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/libcloud/pull/424.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #424
    
----
commit 7803f349aa88ab4fc3048941c70af9d1c9903b0c
Author: Eric Johnson <er...@google.com>
Date:   2014-12-30T21:10:41Z

    [google compute] better error message for missing key file

----


> GCE Driver with bad private key path generates unintuitive error message
> ------------------------------------------------------------------------
>
>                 Key: LIBCLOUD-610
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-610
>             Project: Libcloud
>          Issue Type: Bug
>          Components: Compute
>            Reporter: Jeff Tratner
>            Assignee: Eric Johnson
>            Priority: Minor
>              Labels: Google
>
> When you pass a key to the GCE driver and the path doesn't exist, it ends up passing the buck down to PyCrypto, because it assumes that it isn't a keypath. Relevant lines are here (snipped from `__init__` method of `GoogleBaseAuthConnection`):
> {code:title=gce.py}
>         keypath = os.path.expanduser(key)
>         is_file_path = os.path.exists(keypath) and os.path.isfile(keypath)
>         if is_file_path:
>             with open(keypath, 'r') as f:
>                 key = f.read()
>         super(GoogleServiceAcctAuthConnection, self).__init__(
>             user_id, key, *args, **kwargs)
> {code}
> The problem is the keypath doesn't exist (and obviously it's not a file), so instead of a nice error message saying 'invalid file path', you get a ValueError from PyCrypto saying 'ValueError: RSA key format is not supported' which is problematic especially because you also get this error if you have the wrong version of PyCrypto installed. Given that PyCrypto actually expects bytes, I think it makes sense for libcloud to be responsible for this error.
> I encountered this using salt and there's an open issue to deal with it on the salt end here - https://github.com/saltstack/salt/pull/15589



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)