-
-
Notifications
You must be signed in to change notification settings - Fork 131
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
eyaml decrypt adds newline #270
Comments
Here's an even simpler case:
|
For what it's worth, the Puppet It kinda feels like somebody noticed extra newlines being added at some point in the past, and "fixed" it in the wrong place?
The original file ends with a newline, and the encrypted value ends with a newline, but the string returned by the Other examples I found while testing this:Normal string WITHOUT trailing newline. This looks more or less like what I was expecting, with no newline between
Normal string WITH trailing newline. Here I was expecting to see a newline between
|
Necroing this as at least on my installation this still happens and has caused some hair pulling this morning - but this seems like the last place this is discussed by my googling. The somewhat terrible but functional way I've been dealing with the inconsistency (and the fact that SSH private keys have to have that newline) is to force
becomes
I can't say I've dug into the rules for how newlines come across from Puppet lookup - but I'm guessing its stripped the trailing newline by some default rules way-way back in the parser. This block format forces that newline to appear - regardless of the content type (ie: encrypted Sensitive strings or just regular old strings) |
Pretty sure that "eyaml decrypt" is wrongly emitting newline.
if we take base64-encoded encrypted value and decode it with openssl, we get correct result:
no newline, as expected.
Even more clear example:
so it decrypts properly w/o \n, it just adds \n when emitting, even if input does not contain ending \n
unfortunately, it does that also when output is not terminal, ie. to the file, which breaks binary files.
The text was updated successfully, but these errors were encountered: