** Description changed: [Impact] Some users have reported problems with corrupted keyrings, both in Gnome and KDE, when newlines are included in the password. This makes all launchpadlib-based apps unusable for affected users. The corruption occurs because launchpadlib attempts to store a multi- line value in the keyring, but the keyring service appears to assume values are single-lined, so chokes when it encounters launchpadlib's entries. [Workaround] Delete the keyring (e.g. via 'seahorse') prior to running a launchpadlib-based script. [Development Fix] - Upstream version 1.9.12 resolves the issue (and another related bug involving unicode data) by base64 encoding the serialized value: + Upstream version 1.9.12 resolves the issue by base64 encoding the serialized value: - Properly handle Unicode passwords if returned by the keyring. - Base 64 encode serialized credentials before putting in keyring/wallet. [Stable Fix] For the SRU to natty and oneiric, it is proposed to cherrypick the encoding change to credentials.py and its associated test code in test_credential_store.py. [Test Case] - 1. Run a launchpadlib client that uses the keyring - 2. [Optional] Open the key in seahorse, (and optionally ensure there is a newline) then close seahorse - 3. Run the same launchlib client a second time - 4. Affected users will see a "ConfigParser.NoOptionError" printed + 1. Before installing the new package, use a launchpadlib client to create a key entry in your keyring. It will be called 'network password'. For example, run 'lp-shell' and after authorization examine lp.me. + 2. Open the keyring with seahorse and examine the password. It should be plaintext and have 'consumer_key' as one of the first entries. Ensure under 'details' it lists the URL for the Launchpad system you accessed above (i.e., product, staging, or qastaging) + 3. Install the updated package. + 4. Run the same launchpadlib client. Ensure that authorization is not required, demonstrating that the stored credentials were used. + 5. Open seahorse and delete the entry for 'network password'. + 6. Run the client again and reauthorize. + 7. Examine the key entry in seahorse. This time it should start with '<B64>' and the rest should be base 64 encoded. + 8. Finally run the client again and ensure authorization is not required. [Regression Potential] Low/none. When there is a corrupted key ring entry, this just reauthorizes and overwrite the old entry, same as if it had expired. [Original Report] Running lp:svammel to do a dry run mass bugfiling against LP, I get prompted to authorize my system to connect to launchpad, which is neat. But on a subsequent invocation of the tool, it fails with: Traceback (most recent call last): File "file-failures.py", line 50, in <module> init(args.serviceroot, 'testing', '~/.launchpadlib/cache/') File "/home/vorlon/devel/linaro/svammel/config.py", line 96, in init set_launchpad(service_root, appid, cachedir) File "/home/vorlon/devel/linaro/svammel/config.py", line 72, in set_launchpad lp = Launchpad.login_with(appid, root, cachedir) File "/usr/lib/pymodules/python2.7/launchpadlib/launchpad.py", line 538, in login_with credential_save_failed, version) File "/usr/lib/pymodules/python2.7/launchpadlib/launchpad.py", line 341, in _authorize_token_and_login authorization_engine.unique_consumer_id) File "/usr/lib/pymodules/python2.7/launchpadlib/credentials.py", line 273, in load return self.do_load(unique_key) File "/usr/lib/pymodules/python2.7/launchpadlib/credentials.py", line 322, in do_load return Credentials.from_string(credential_string) File "/usr/lib/pymodules/python2.7/launchpadlib/credentials.py", line 89, in from_string credentials.load(StringIO(value)) File "/usr/lib/python2.7/dist-packages/lazr/restfulclient/authorize/oauth.py", line 165, in load CREDENTIALS_FILE_VERSION, 'consumer_key') File "/usr/lib/python2.7/ConfigParser.py", line 610, in get raise NoOptionError(option, section) ConfigParser.NoOptionError: No option 'consumer_key' in section: '1' At James Westby's suggestion, I had a peek inside gnome-keyring with seahorse and found this as the 'password' value of the 'network password' token: [1] Presumably there should be a real password here instead. :) People experiencing this problem can work around it by opening their gnome keyring, and deleting the broken password.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/745801 Title: system-based authorization broken in gnome-keyring: NoOptionError: No option 'consumer_key' in section: '1' To manage notifications about this bug go to: https://bugs.launchpad.net/launchpadlib/+bug/745801/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
