-
Notifications
You must be signed in to change notification settings - Fork 37
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Error in your post" response with blank fields when adding key via GPG + curl (Yubikey) #2098
Comments
I will look into it but no guarantees I can get to it right away. On Tuesday, February 23, 2016, Pavel Kirkovsky [email protected]
|
I think it's fixed, give it a whirl? |
Nope, same error. |
The same error, meaning an empty error output? or does the error output show? If you could, can you send me the full post so I can repro the issue? You can use PGP or saltpack. It's all public with the exception of your session cookie, which the site operators know anyways. Thanks |
Yes, I got the same exact "Error in your post" with blank fields response as seen in my initial report. Another point of interest: I repeated the curl command about 5-6 times before before the website told me it timed out, and on one of the tries got a "Success!" message. All other attempts failed with that same blank error message. Did you want me to post the entire command & output here or in an email? |
An email is better, so you don't leak your session cookie. Thank you! |
Email sent. |
Gah, my bad. I forgot to push my code live. The corrected error-output code should be live now. The error, I'm guessing from the server logs, would say that there's a bad input, error 'Bad base64 string'. Meaning it could be the post was truncated and the base64 body of the key or sig wasn't 4-byte aligned. |
Great, it looks like errors are showing up now! I sent some intentionally malformed API requests and got these back:
Thanks for looking into this, Max. |
No worries, thanks for your bug report. We previously showed the first error type but weren't properly showing the error type in the second case, since it goes through a different code path (input parameter checking) that never even got to the |
I just tried to verify my private key, and I'm getting the same error as the OP. (Not sure if this'll help, but I'm on CentOS 7, 64 bit)
|
try to debug it a bit, maybe by seeing what the intermediate values are |
If I manually resolve the input for curl
But, if I change any other part of the message, the error is either the same as before, or I get session/csrf token errors (which I expect). Thanks for the help so far! Also, should I move this to a new ticket, or send it through email since there may be session info? |
I have managed to make this work on my Ubuntu machine, so I'm going to consider this closed for me. |
Signing a public key using the generated command line script (command line with [bash + GPG + cURL] option on keybase) fails on OS X (Mojave 10.14.4) with the |
@john-n-smith Are you using bash? What is your |
Yes, I'm using bash. |
Do you see any errors from gpg? Could you run and post the |
That part of the command succeeds with:
|
What is your curl version? Should be at least |
A workaround (as long as your public key isn't very very large) is to replace the "@-" in the generated script with the public key block at the end. So something like
|
I'm trying to add my key using the GPG/curl method, but after submitting the curl request I get a GPG pinentry dialog (for the Yubikey PIN) followed by a blank error:
I suspect this is related to currently unresolved issues #1598, #1822, and #1885. It would be helpful to provide a useful error message to "hardcore mode" users in the interim.
The text was updated successfully, but these errors were encountered: