From ef04f453e7f0152551c452aa3efe7085ac688807 Mon Sep 17 00:00:00 2001
From: Luke Sneeringer <luke@sneeringer.com>
Date: Tue, 19 Aug 2014 10:38:07 -0400
Subject: [PATCH] Accept and convert SSH creds ending in \u003d.

This commit fixes an issue where copying an SSH credential ending in a
literal "\u003d", which is easy to do in GCE-land, doesn't work.

https://trello.com/c/L7Eowjrn/331-traceback-on-gce-inventory-import
---
 awx/main/models/credential.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/awx/main/models/credential.py b/awx/main/models/credential.py
index 2fa90ceb41..cdde8655c7 100644
--- a/awx/main/models/credential.py
+++ b/awx/main/models/credential.py
@@ -283,6 +283,19 @@ class Credential(PasswordFieldsModel, CommonModelNameNotUnique):
         else:
             ssh_key_data = self.ssh_key_data
         if ssh_key_data:
+            # Sanity check: GCE, in particular, provides JSON-encoded private
+            # keys, which developers will be tempted to copy and paste rather
+            # than JSON decode.
+            #
+            # These end in a unicode-encoded final character that gets double
+            # escaped due to being in a Python 2 bytestring, and that causes
+            # Python's key parsing to barf. Detect this issue and correct it.
+            if r'\u003d' in ssh_key_data:
+                ssh_key_data = ssh_key_data.replace(r'\u003d', '=')
+                self.ssh_key_data = ssh_key_data
+
+            # Validate the private key to ensure that it looks like something
+            # that we can accept.
             self._validate_ssh_private_key(ssh_key_data)
         return self.ssh_key_data # No need to return decrypted version here.