Ensure ssh key is sanitized when read from disk

We currently pass the ssh key read from disk straight into
cloud-init.  If it contains newlines before or after, it can
break the yaml formatting of the cloud-init causing the appliance
to fail to successfull boot.

Change-Id: I26ef83dc7b02afc5e30f09447363ee27c9dca07c
Closes-bug: #1573167
(cherry picked from commit 158cf8d670)
This commit is contained in:
Adam Gandelman 2016-04-21 11:00:14 -07:00
parent 4116810528
commit 5d428949c6
2 changed files with 14 additions and 1 deletions

View File

@ -395,7 +395,7 @@ def _ssh_key():
return ''
try:
with open(key) as out:
return out.read()
return out.read().strip()
except IOError:
LOG.warning(_LW('Could not load router ssh public key from %s'), key)
return ''

View File

@ -210,6 +210,19 @@ class TestNovaWrapper(base.RugTestBase):
result = nova._ssh_key()
self.assertEqual(result, 'fake-key')
@mock.patch.object(__builtins__, 'open', autospec=True)
def test_ssh_key_sanitize(self, fake_open):
mock_key_file = mock.MagicMock(spec=file)
mock_key_file.read.return_value = ('''
fake-key with some newlines
''')
mock_key_file.__enter__.return_value = mock_key_file
fake_open.return_value = mock_key_file
result = nova._ssh_key()
self.assertEqual(result, 'fake-key with some newlines')
@mock.patch.object(nova, 'LOG', autospec=True)
@mock.patch.object(__builtins__, 'open', autospec=True)
def test_ssh_key_not_found(self, fake_open, fake_log):