Jean Mousinho created GUACAMOLE-594:
---------------------------------------

Summary: Import Private Key is Failing
Key: GUACAMOLE-594
URL: https://issues.apache.org/jira/browse/GUACAMOLE-594
Project: Guacamole
Issue Type: Bug
Components: guacd
Affects Versions: 0.9.14
Reporter: Jean Mousinho

Hi,

I was trying to use a private key in the basic user authentication and it was failing. After some debugging I found that it is reading the key from XML but adding a newline character at the beginning, so when it tries to compare with the RSA/DSA headers it fails.

I added the following code just for debugging purposes in common-ssh/key.c

{code:c}
    /* Otherwise, unsupported type */
    else {
        /* Debug only: copy the raw key data and print it */
        printf("Unsupported/invalid private key!\n");
        key->private_key_length = length+1;
        key->private_key = malloc(length+1);
        memcpy(key->private_key, data, length);
        key->private_key[length] = '\0';
        printf("Key data:\n%s",key->private_key);
        BIO_free(key_bio);
        return NULL;
    }
{code}

With the following user-mapping.xml extract:

{code:xml}
<param name="private-key">-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,2EEB73462EA53EFFB1AF2EF62440CEB8
...
{code}

It gives me:

{code}
guacd[19414]: DEBUG: Re-attempting private key import (WITH passphrase)
key data:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,2EEB73462EA53EFFB1AF2EF62440CEB8
...
{code}

To fix it I simply discard the newline character if there is one in common-ssl/user.c

{code:c}
int guac_common_ssh_user_import_key(guac_common_ssh_user* user, char* private_key, char* passphrase) { /* Free existing private key, if present */ if (user->private_key != NULL) guac_common_ssh_key_free(user->private_key); + /* Skip extra newline if there is one */ + if ( *private_key == '\n' ) + private_key += 1; /* Attempt to read key without passphrase if none given */ if (passphrase == NULL) user->private_key = guac_common_ssh_key_alloc(private_key, strlen(private_key), ""); /* Otherwise, use provided passphrase */ else user->private_key = guac_common_ssh_key_alloc(private_key, strlen(private_key), passphrase); /* Fail if key could not be read */ return user->private_key == NULL; }
{code}

I might be doing something wrong, if yes, please let me know.

Thanks.
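Review bot: the added check `if ( *private_key == '\n' )` strips exactly one leading LF, so a key that reaches guac_common_ssh_user_import_key with a CRLF, several blank lines, or indentation before `-----BEGIN` would presumably still fail the RSA/DSA header comparison described in the report. Consider skipping all leading whitespace (a loop over isspace()) instead of a single character, and doing it next to the header comparison in common-ssh/key.c so that every caller of guac_common_ssh_key_alloc gets the same behaviour. The new line also dereferences private_key without a NULL check; the existing strlen(private_key) calls already assume a non-NULL key, so a short comment stating that precondition would make the intent explicit.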