Details
-
Bug
-
Status: Resolved (View Workflow)
-
Critical
-
Resolution: Duplicate
Description
It seems that when you use the Test option to verify the credentials some errors are logged by Jenkins but you still get a success result. Based on the logs I suppose that these are really serious errors:
Jul 22, 2016 3:57:10 PM org.eclipse.jetty.util.log.JavaUtilLog warn WARNING: Header is too large >8192 Jul 22, 2016 3:57:10 PM org.eclipse.jetty.util.log.JavaUtilLog warn WARNING: badMessage: 413 for HttpChannelOverHttp@7b0d79d2{r=0,c=false,a=IDLE,uri=/descriptorByName/hudson.plugins.ec2.AmazonEC2Cloud/checkPrivateKey?value=-----BEGIN%20RSA%20PRIVATE%20KEY-----%0..........(censored-private-key-content)......................%3D%3D%0A-----END%20RSA%20PRIVATE%20KEY-----}
Not to add that displaying a private RSA key in the logs or in the UI is a serious security issue.
Attachments
Issue Links
- duplicates
-
-
- Open
-
- is related to
-
-
- Resolved
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Workflow | JNJira [ 173629 ] | JNJira + In-Review [ 185243 ] |
| Link |
This issue is related to |
Michael Fowler
made changes -
| Link | This issue duplicates JENKINS-25046 [ JENKINS-25046 ] |
Michael Fowler
made changes -
| Resolution | Fixed [ 1 ] | |
| Status | Open [ 1 ] | Resolved [ 5 ] |
Michael Fowler
made changes -
| Resolution | Fixed [ 1 ] | |
| Status | Resolved [ 5 ] | Reopened [ 4 ] |
Michael Fowler
made changes -
| Resolution | Duplicate [ 3 ] | |
| Status | Reopened [ 4 ] | Resolved [ 5 ] |
