libcloud-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Tratner (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (LIBCLOUD-610) GCE Driver with bad private key path generates unintuitive error message
Date Mon, 08 Sep 2014 17:17:28 GMT

     [ https://issues.apache.org/jira/browse/LIBCLOUD-610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Jeff Tratner updated LIBCLOUD-610:
----------------------------------
    Description: 
When you pass a key to the GCE driver and the path doesn't exist, it ends up passing the buck
down to PyCrypto, because it assumes that it isn't a keypath. Relevant lines are here (snipped
from `__init__` method of `GoogleBaseAuthConnection`):
{code:title=gce.py}
        keypath = os.path.expanduser(key)
        is_file_path = os.path.exists(keypath) and os.path.isfile(keypath)
        if is_file_path:
            with open(keypath, 'r') as f:
                key = f.read()
        super(GoogleServiceAcctAuthConnection, self).__init__(
            user_id, key, *args, **kwargs)
{code}
The problem is the keypath doesn't exist (and obviously it's not a file), so instead of a
nice error message saying 'invalid file path', you get a ValueError from PyCrypto saying 'ValueError:
RSA key format is not supported' which is problematic especially because you also get this
error if you have the wrong version of PyCrypto installed. Given that PyCrypto actually expects
bytes, I think it makes sense for libcloud to be responsible for this error.

I encountered this using salt and there's an open issue to deal with it on the salt end here
- https://github.com/saltstack/salt/pull/15589

  was:
When you pass a key to the GCE driver and the path doesn't exist, it ends up passing the buck
down to PyCrypto, because it assumes that it isn't a keypath. Relevant lines are here (snipped
from `__init__` method of `GoogleBaseAuthConnection`):

        keypath = os.path.expanduser(key)
        is_file_path = os.path.exists(keypath) and os.path.isfile(keypath)
        if is_file_path:
            with open(keypath, 'r') as f:
                key = f.read()
        super(GoogleServiceAcctAuthConnection, self).__init__(
            user_id, key, *args, **kwargs)

The problem is the keypath doesn't exist (and obviously it's not a file), so instead of a
nice error message saying 'invalid file path', you get a ValueError from PyCrypto saying 'ValueError:
RSA key format is not supported' which is problematic especially because you also get this
error if you have the wrong version of PyCrypto installed. Given that PyCrypto actually expects
bytes, I think it makes sense for libcloud to be responsible for this error.

I encountered this using salt and there's an open issue to deal with it on the salt end here
- https://github.com/saltstack/salt/pull/15589


> GCE Driver with bad private key path generates unintuitive error message
> ------------------------------------------------------------------------
>
>                 Key: LIBCLOUD-610
>                 URL: https://issues.apache.org/jira/browse/LIBCLOUD-610
>             Project: Libcloud
>          Issue Type: Bug
>          Components: Compute
>            Reporter: Jeff Tratner
>            Priority: Minor
>
> When you pass a key to the GCE driver and the path doesn't exist, it ends up passing
the buck down to PyCrypto, because it assumes that it isn't a keypath. Relevant lines are
here (snipped from `__init__` method of `GoogleBaseAuthConnection`):
> {code:title=gce.py}
>         keypath = os.path.expanduser(key)
>         is_file_path = os.path.exists(keypath) and os.path.isfile(keypath)
>         if is_file_path:
>             with open(keypath, 'r') as f:
>                 key = f.read()
>         super(GoogleServiceAcctAuthConnection, self).__init__(
>             user_id, key, *args, **kwargs)
> {code}
> The problem is the keypath doesn't exist (and obviously it's not a file), so instead
of a nice error message saying 'invalid file path', you get a ValueError from PyCrypto saying
'ValueError: RSA key format is not supported' which is problematic especially because you
also get this error if you have the wrong version of PyCrypto installed. Given that PyCrypto
actually expects bytes, I think it makes sense for libcloud to be responsible for this error.
> I encountered this using salt and there's an open issue to deal with it on the salt end
here - https://github.com/saltstack/salt/pull/15589



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message