Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug Report: Ansible-vault errors with "Odd-length string" #9963

Closed
mxxcon opened this issue Jan 8, 2015 · 7 comments

Comments

@mxxcon
Copy link
Contributor

commented Jan 8, 2015

Ansible Version:
1.8.2

Environment:
Cygwin

Summary:
I have a vaulted file created on another system. On that system it works without any problems.
However, when I run it on my local system I get the following error.

Steps To Reproduce:
Run ansible-vault --debug view vars/vaulted_vars.yml

Expected Results:
Display content of the file.

Actual Results:

$» ansible-vault --debug view vars/vaulted_vars.yml
Vault password:
Traceback (most recent call last):
  File "/usr/bin/ansible-vault", line 225, in main
    fn(args, options, parser)
  File "/usr/bin/ansible-vault", line 172, in execute_view
    this_editor.view_file()
  File "/usr/lib/python2.7/site-packages/ansible/utils/vault.py", line 280, in view_file
    dec_data = this_vault.decrypt(tmpdata)
  File "/usr/lib/python2.7/site-packages/ansible/utils/vault.py", line 136, in decrypt
    data = this_cipher.decrypt(data, self.password)
  File "/usr/lib/python2.7/site-packages/ansible/utils/vault.py", line 545, in decrypt
    data = unhexlify(data)
TypeError: Odd-length string

ERROR: Odd-length string
$»

It doesn't matter if I enter a correct password or not or simply press enter, it always errors out.

@bcoca bcoca added P3 labels Jan 9, 2015
@bcoca

This comment has been minimized.

Copy link
Member

commented Jan 9, 2015

could you give us a minimal example that creates this error? are both machines windows? could it be a line ending issue?

@mxxcon

This comment has been minimized.

Copy link
Contributor Author

commented Jan 9, 2015

On Mac and Linux it works fine. File was checked out from git.
I'll try to re-encrypt the file directly in Cygwin to see if hashes are different

@mxxcon

This comment has been minimized.

Copy link
Contributor Author

commented Jan 10, 2015

Alright, @bcoca it does look like line ending issue, and more specifically seems to be caused by SourceTree's version of git.
If I checkout vaulted file using SourceTree I get

$» file vaulted_vars.yml
vaulted_vars.yml: ASCII text, with CRLF line terminators

And it generates that Odd-length string error

However, if I check it out using plain Cygwin git(.exe), I get

$» file vaulted_vars.yml
vaulted_vars.yml: ASCII text

This file works fine.

It would be nice if ansible-vault was more tolerant of these differences and worked with both types of line endings.

@bcoca

This comment has been minimized.

Copy link
Member

commented Jan 10, 2015

I'm closing this issue because encryption in general is (on purpose) very finicky about changes in the data and should complain about them. Also we do not support windows as an ansible master (not even with cygwin), only recently as a target with the win_* modules.

I'm glad you found the source of your problems and this ticket will probably help others in the future but I'm very reticent to change vault to play with line endings as this can create more problems than it solves.

@bcoca bcoca closed this Jan 10, 2015
@mxxcon

This comment has been minimized.

Copy link
Contributor Author

commented Jan 10, 2015

I can understand if it complains about mangled data, but failing on line breaks is a bit extreme on the "fail fast, fail early" mindset.
I don't know vault files' structure, but I'd love to see ansible-vault files completely ignore line breaks.
Or maybe at least fail more gracefully with a more descriptive error message?

@AaronTraas

This comment has been minimized.

Copy link

commented Jan 12, 2015

I agree with @mxxcon that it should at least detect whether CR/LF is happening on the file and fail with a descriptive error message. I get that cygwin isn't a supported platform, but at least pointing people in the right direction would be a good thing.

Also, what about this scenario: a developer on Windows is checking in code, and a dev ops guy is checking the code out on a Linux box to run Ansible playbooks to deploy said code. What happens if the developer is using an IDE that auto-changes every file it touches to Windows-style text and then commits it? Again, full support for CR/LF would be great, but almost as good would be an error message so the dev ops guy would know what the error is and can both manually fix it and scold the developer for using a crap IDE and poor Git settings.

@stephenconnolly1

This comment has been minimized.

Copy link

commented Jul 19, 2017

This is a highly annoying bug. I'm trying to use docker-machine to host an ansible container. Setting everything to LF at source and still getting issues. Surely you should be able to strip out all line ending chars before decrypting?

@ansibot ansibot added bug and removed bug_report labels Mar 6, 2018
@ansible ansible locked and limited conversation to collaborators Apr 25, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
5 participants
You can’t perform that action at this time.