ssh key upload only works without value in "name" field #7

Open
opened 2022-05-11 06:45:36 +00:00 by nicholas_a_b_ · 4 comments

don't know if this project is meant to be used at all - i made a test capsul following the guide and one tiny hiccup i had - you can only upload an ssh key if you don't put any value in the name field and allow the service to fill in a default value from the ssh pub key comment


This issue would be inside the 3wordchant/capsul-flask:yolocolo docker image -- that docker image I believe comes from https://git.autonomic.zone/3wordchant/capsul-flask


FWIW the deployed version on capsul.org does not have this issue, or at least I can't seem to reproduce it.

I will say, in the past we have had some issues with SSH keys not being accepted due to the ham-fisted anti-XSS sanitization process. (it uses a regex whitelist)

So it might help if you could post the ssh public key that you tried to upload and the logs / http response produced if any.

Author

thanks for the reply forest. to clarify this issue came up at https://yolo.servers.coop, which i was testing because i was thinking about self-hosting a capsul-flask instance using abra. i can move the issue over to that linked git if you'd like.

here's some of the logs (lmk if i should get some more detailed logs of something)

request:

:method: POST
:scheme: https
:authority: yolo.servers.coop
:path: /console/keys
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Content-Type: application/x-www-form-urlencoded
Origin: https://yolo.servers.coop
Cookie: session=eyJhY2NvdW50IjoibmJ1cmthQG1hYy5jb20iLCJjc3JmLXRva2VuIjoiQWhKdzNjTlc5Z0tNX3MtbUs0Q0ZIIn0.Ynr1aw.NtaWE_Tey1eZBNGgnDdhwzGztWc
Content-Length: 697
Accept-Language: en-us
Host: yolo.servers.coop
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15
Referer: https://yolo.servers.coop/console/keys
Accept-Encoding: gzip, deflate, br
Connection: keep-alive

request data:

MIME Type: application/x-www-form-urlencoded
method: POST
action: upload_ssh_key
csrf-token: AhJw3cNW9gKM_s-mK4CFH
content: ssh-rsa [key data omitted] nicholas@Nicholass-MBP.home
name: abaa

response:

:status: 200
Set-Cookie: session=eyJhY2NvdW50IjoibmJ1cmthQG1hYy5jb20iLCJjc3JmLXRva2VuIjoiQWhKdzNjTlc5Z0tNX3MtbUs0Q0ZIIn0.Ynv6Jw.-KDvhf1n00veXETvmdRQPqmp_KU; HttpOnly; Path=/
Content-Type: text/html; charset=utf-8
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
Date: Wed, 11 May 2022 18:02:15 GMT
X-Frame-Options: SAMEORIGIN
Content-Length: 4376
Vary: Cookie
Server: gunicorn/20.0.4


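I think it probably just needs these commits? 9d6fe075b0..961bb4976b (https://git.cyberia.club/cyberia/capsul-flask/compare/9d6fe075b0f1f88a3950a4761e98d77847f16645..961bb4976ba1d4f9d535202835d79f7cc446872e)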

I can't explain why it's throwing name is required for that request though. I can't reproduce on capsul.org with that specific key / key name. It's fixed upstream so as soon as yolocolo gets updated it should be all good.
