Signed Commits with SSH Key Crash ~/commits Site (OD-1269)

Nico Jeske opened 3 years ago

Description

When attempting to view the ~/commits site for a repository containing commits signed with an SSH key, the site crashes.

Steps to Reproduce

Create a Git repository with commits signed using an SSH key.
Navigate to the ~/commits site for that repository.
Observe the site crash.

Expected Behavior

The ~/commits site should load and display signed commits without crashing, regardless of whether the commits are signed with an SSH key.

Actual Behavior

The ~/commits site crashes when attempting to load commits signed with an SSH key.

Additional Information

Example repository: https://github.com/nicojeske/bug
The user has provided an error log (attached) and an example repository to help diagnose the issue.

Attachments

Example repository with a signed commit
Error

Error

org.apache.wicket.WicketRuntimeException: Error attaching this container for rendering: [Fragment [Component id = 2]]
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1838)
	at org.apache.wicket.Component.onBeforeRender(Component.java:3921)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:950)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1826)
	at org.apache.wicket.Component.onBeforeRender(Component.java:3921)
	at org.apache.wicket.markup.repeater.AbstractRepeater.onBeforeRender(AbstractRepeater.java:143)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:950)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1826)
	at org.apache.wicket.Component.onBeforeRender(Component.java:3921)
	at io.onedev.server.web.component.commit.list.CommitListPanel$10.onBeforeRender(CommitListPanel.java:390)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:950)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1826)
	at org.apache.wicket.Component.onBeforeRender(Component.java:3921)
	at io.onedev.server.web.component.commit.list.CommitListPanel.onBeforeRender(CommitListPanel.java:685)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:950)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1826)
	at org.apache.wicket.Component.onBeforeRender(Component.java:3921)
	at org.apache.wicket.Page.onBeforeRender(Page.java:801)
	at io.onedev.server.web.page.base.BasePage.onBeforeRender(BasePage.java:297)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:950)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.Component.internalPrepareForRender(Component.java:2236)
	at org.apache.wicket.Page.internalPrepareForRender(Page.java:242)
	at org.apache.wicket.Component.render(Component.java:2327)
	at org.apache.wicket.Page.renderPage(Page.java:1018)
	at org.apache.wicket.request.handler.render.WebPageRenderer.renderPage(WebPageRenderer.java:124)
	at org.apache.wicket.request.handler.render.WebPageRenderer.respond(WebPageRenderer.java:236)
	at org.apache.wicket.core.request.handler.RenderPageRequestHandler.respond(RenderPageRequestHandler.java:175)
	at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:917)
	at org.apache.wicket.request.RequestHandlerStack.execute(RequestHandlerStack.java:64)
	at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:274)
	at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:231)
	at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:302)
	at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processRequestCycle(AbstractUpgradeFilter.java:70)
	at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:203)
	at org.apache.wicket.protocol.http.WicketServlet.doGet(WicketServlet.java:137)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at io.onedev.server.web.DefaultWicketServlet.service(DefaultWicketServlet.java:43)
	at io.onedev.server.web.DefaultWicketServlet$$EnhancerByGuice$$160177084.GUICE$TRAMPOLINE(<generated>)
	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:74)
	at io.onedev.server.persistence.SessionInterceptor$1.call(SessionInterceptor.java:23)
	at io.onedev.server.persistence.DefaultSessionManager.call(DefaultSessionManager.java:90)
	at io.onedev.server.persistence.SessionInterceptor.invoke(SessionInterceptor.java:18)
	at com.google.inject.internal.InterceptorStackCallback$InterceptedMethodInvocation.proceed(InterceptorStackCallback.java:75)
	at com.google.inject.internal.InterceptorStackCallback.invoke(InterceptorStackCallback.java:55)
	at io.onedev.server.web.DefaultWicketServlet$$EnhancerByGuice$$160177084.service(<generated>)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
	at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626)
	at com.google.inject.servlet.DefaultFilterPipeline.dispatch(DefaultFilterPipeline.java:47)
	at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at io.onedev.server.git.GoGetFilter.doFilter(GoGetFilter.java:87)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at io.onedev.server.git.GitLfsFilter.doFilter(GitLfsFilter.java:489)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at io.onedev.server.git.GitFilter.doFilter(GitFilter.java:382)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:61)
	at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
	at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:154)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
	at org.apache.shiro.web.servlet.AdviceFilter.executeChain(AdviceFilter.java:108)
	at org.apache.shiro.web.servlet.AdviceFilter.doFilterInternal(AdviceFilter.java:137)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:154)
	at org.apache.shiro.web.servlet.ProxiedFilterChain.doFilter(ProxiedFilterChain.java:66)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.executeChain(AbstractShiroFilter.java:458)
	at org.apache.shiro.web.servlet.AbstractShiroFilter$1.call(AbstractShiroFilter.java:373)
	at org.apache.shiro.subject.support.SubjectCallable.doCall(SubjectCallable.java:90)
	at org.apache.shiro.subject.support.SubjectCallable.call(SubjectCallable.java:83)
	at org.apache.shiro.subject.support.DelegatingSubject.execute(DelegatingSubject.java:387)
	at org.apache.shiro.web.servlet.AbstractShiroFilter.doFilterInternal(AbstractShiroFilter.java:370)
	at org.apache.shiro.web.servlet.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:154)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at io.onedev.server.jetty.DisableTraceFilter.doFilter(DisableTraceFilter.java:28)
	at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
	at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:763)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
	at org.eclipse.jetty.server.Server.handle(Server.java:516)
	at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)
	at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
	at org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
	at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.RuntimeException: java.io.IOException: invalid armor header
	at io.onedev.server.git.GitUtils.verify(GitUtils.java:697)
	at io.onedev.server.git.GitUtils.verifyCommitSignature(GitUtils.java:631)
	at io.onedev.server.git.GitUtils.verifySignature(GitUtils.java:638)
	at io.onedev.server.web.component.gitsignature.GitSignaturePanel$1.load(GitSignaturePanel.java:27)
	at io.onedev.server.web.component.gitsignature.GitSignaturePanel$1.load(GitSignaturePanel.java:23)
	at org.apache.wicket.model.LoadableDetachableModel.getObject(LoadableDetachableModel.java:137)
	at io.onedev.server.web.component.gitsignature.GitSignaturePanel.onConfigure(GitSignaturePanel.java:78)
	at org.apache.wicket.Component.configure(Component.java:1056)
	at org.apache.wicket.Component.internalBeforeRender(Component.java:941)
	at org.apache.wicket.Component.beforeRender(Component.java:1018)
	at org.apache.wicket.MarkupContainer.onBeforeRenderChildren(MarkupContainer.java:1826)
	... 115 more
Caused by: java.io.IOException: invalid armor header
	at org.bouncycastle.bcpg.ArmoredInputStream.parseHeaders(Unknown Source)
	at org.bouncycastle.bcpg.ArmoredInputStream.<init>(Unknown Source)
	at org.bouncycastle.bcpg.ArmoredInputStream.<init>(Unknown Source)
	at org.bouncycastle.openpgp.PGPUtil.getDecoderStream(Unknown Source)
	at io.onedev.server.git.GitUtils.parseSignature(GitUtils.java:648)
	at io.onedev.server.git.GitUtils.verify(GitUtils.java:665)
	... 125 more

OneDev referenced from other issue 3 years ago

Support to verify commit signed with ssh key (OD-1270)

Released
Robin Shen commented 3 years ago

Thanks for the detailed report. The commits page crash issue will be fixed in next patch release. Meanwhile, I filed another improvement request to support to verify ssh signed commit just as pgp signing do.
OneDev changed state to 'Closed' 3 years ago
Previous Value Current Value
Open

Closed
OneDev commented 3 years ago

State changed as code fixing the issue is committed (561a2924)
OneDev changed state to 'Released' 3 years ago
Previous Value Current Value
Closed

Released
OneDev commented 3 years ago

State changed as build #3505 is successful
OneDev referenced from other issue 3 years ago

Regression - commits signed with SSH key crash the commits page (OD-1355)

Released
Login to comment

Previous Value	Current Value
Open	Closed

Previous Value	Current Value
Closed	Released

Type	Bug
Priority	Major
Assignee	Robin Shen
Affected Versions	8.0.9

Issue Votes (0)

Watchers (4)

Reference

OD-1269