Details
-
Bug
-
Resolution: Fixed
-
Low
-
6.10.3
-
None
-
2
-
Severity 2 - Major
-
1
-
Description
Issue Summary
Providing a passphrase encrypted by another Bamboo instance can break repositories and cause Bamboo to not start up.
Steps to Reproduce
1. Encode some text by Specs > Bamboo specs encryption dialog
2. Try to create a new repo using the UI with an ssh key for access
3. In the ssh key passphrase field of the created new linked repo UI enter the value from step 1.
Expected Results
Bamboo should invalidate repository creation
Actual Results
It will result in broken repo list and a server that won't start up any more.
The below exception is thrown in the atlassian-bamboo.log file when Bamboo is restarted and the instance will not start up:
2020-04-21 08:02:09,526 INFO \[localhost-startStop-1] \[CachedRepositoryDefinitionManagerImpl] Repository cache initialising... ... 2020-04-21 08:02:10,781 INFO \[localhost-startStop-1] \[SecretEncryptionServiceImpl] Can't decrypt data. It's possible data was encrypted by different cipher. Run Bamboo with system property \-Dbamboo.security.decryption.ignore.errors=true to ignore this error 2020-04-21 08:02:10,782 FATAL \[localhost-startStop-1] \[BambooContainer] Cannot start Bamboo java.lang.RuntimeException: org.bouncycastle.crypto.InvalidCipherTextException: pad block corrupted
Workaround
The repository with the bad encryption will need to be removed from the database (VCS_LOCATION). Please raise a support ticket for further help.
Attachments
Issue Links
- relates to
-
BAM-20969 Can't use encrypted password for docker task credentials
- Gathering Impact
- is cloned as
-
BDEV-15990 Loading...