[JIRA] [credentials-plugin] (JENKINS-31521) Private SSH keys: Form too large

2 views
Skip to first unread message

philipp.tusch@huf-group.com (JIRA)

unread,
Nov 12, 2015, 7:06:01 AM11/12/15
to jenkinsc...@googlegroups.com
Philipp Tusch created an issue
 
Jenkins / Bug JENKINS-31521
Private SSH keys: Form too large
Issue Type: Bug Bug
Assignee: stephenconnolly
Components: credentials-plugin
Created: 12/Nov/15 12:05 PM
Environment: OS: Windows Server 2008 R2
Java: 1.8.0_20-b26
Jenkins: 52.0
Credentials: 1.24
Firefox: 43.0b1
Labels: plugin jenkins
Priority: Minor Minor
Reporter: Philipp Tusch

Hello everyone,

it seems like the Plugin causes some issues.
But before, some background.

I try to add a bunch of ssh keys into Jenkins for automatically deployment and commits.
The Credentials plugin is perfect for this.

So I add a few keys into the settings.
After I added a good amount of keys (around 30) with a key length of 4096 and had to realize that there is a limitation. It is set to 200000. I'm surpassing the limit with those keys and I'm stuck.
I have a few workarounds for this:

  • Use smaller keys (less security and the problem persists when I add more keys)
  • Use the Jenkin's ~/.ssh folder (I can not see the keys in Jenkins then which is painful for comparison)

Both solutions are not optimal and have their downsides.
Another attempt on the programming aspect could be to add a form for each domain. The problem still exists with this.
Maybe it's possible to raise the form limit?
One thing I think would be great is to upload the ssh keys into the Jenkins UI and place them into the Jenkin's ~/.ssh folder using the web. But let me see them in the web U so I can compare them easily.

I hope this explanation is good enough.
If you want to reproduce, just add a bunch of keys into the Credentials Plugin (ssh username with private key) and click on save. You'll see the error.

Best regards,
Philipp Tusch

Informations:
OS: Windows Server 2008 R2
Java: 1.8.0_20-b26
Jenkins: 52.0
Credentials: 1.24

The error:
`A problem occurred while processing the request. Please check our bug tracker to see if a similar problem has already been reported. If it is already reported, please vote and put a comment on it to let us gauge the impact of the problem. If you think this is a new issue, please file a new issue. When you file an issue, make sure to add the entire stack trace, along with the version of Jenkins and relevant plugins. The users list might be also useful in understanding what has happened.`

Stacktrace:
`javax.servlet.ServletException: java.lang.IllegalStateException: Form too large 212110>200000
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:796)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
at org.kohsuke.stapler.MetaClass$13.dispatch(MetaClass.java:411)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:123)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:49)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:142)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:370)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:960)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:1021)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:865)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.lang.IllegalStateException: Form too large 212110>200000
at org.eclipse.jetty.server.Request.extractParameters(Request.java:352)
at org.eclipse.jetty.server.Request.getParameter(Request.java:790)
at javax.servlet.ServletRequestWrapper.getParameter(ServletRequestWrapper.java:184)
at org.kohsuke.stapler.RequestImpl.getSubmittedForm(RequestImpl.java:898)
at com.cloudbees.plugins.credentials.SystemCredentialsProvider.doConfigSubmit(SystemCredentialsProvider.java:434)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:121)
at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
... 62 more`
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)
Atlassian logo

jglick@cloudbees.com (JIRA)

unread,
Nov 18, 2015, 6:13:01 PM11/18/15
to jenkinsc...@googlegroups.com
Jesse Glick commented on Bug JENKINS-31521
 
Re: Private SSH keys: Form too large

Probably resolved by the fix of

JENKINS-20327 .

stephenconnolly@java.net (JIRA)

unread,
May 20, 2016, 5:08:02 PM5/20/16
to jenkinsc...@googlegroups.com
stephenconnolly closed an issue as Won't Do
 

Credentials 2.0 has dropped the single page configure screen in favour of enhanced management UX
Change By: stephenconnolly
Status: Open Closed
Resolution: Won't Do
Reply all
Reply to author
Forward
0 new messages