Decoding base64 with wrong padding crash DNS
When SshFp.pub_key_entry
is not valid base64, the decoding throws a TypeError
blocking the DNS re2o-service.
A way to fix this, but horrible :
--- a/machines/models.py
+++ b/machines/models.py
@@ -964,9 +964,10 @@ class SshFp(RevMixin, AclMixin, models.Model):
def hash(self):
"""Return the hashess for the pub key with correct id
cf RFC, 1 is sha1 , 2 sha256"""
+ pubkey = base64.b64decode(self.pub_key_entry + "===")
return {
- "1": hashlib.sha1(base64.b64decode(self.pub_key_entry)).hexdigest(),
- "2": hashlib.sha256(base64.b64decode(self.pub_key_entry)).hexdigest(),
+ "1": hashlib.sha1(pubkey).hexdigest(),
+ "2": hashlib.sha256(pubkey).hexdigest(),
}
class Meta: