core: ssh private_key_path overwrites insecure key [GH-5632]

2015-07-06 16:17:54 -06:00 · 2015-07-06 16:17:54 -06:00 · 341534299d
parent d89d4341e0
commit 341534299d
3 changed files with 13 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -56,6 +56,7 @@ BUG FIXES:
  - core: escape curl urls and authentication [GH-5677]
  - core: fix crash if a value is missing for CLI arguments [GH-5550]
  - core: retry SSH key generation for transient RSA errors [GH-5056]
+  - core: `ssh.private_key_path` will override the insecure key [GH-5632]
  - core/cli: fix box checksum validation [GH-4665, GH-5221]
  - core/windows: allow Windows UNC paths to allow more than 256
      characters [GH-4815]
--- a/lib/vagrant/machine.rb
+++ b/lib/vagrant/machine.rb
@ -444,7 +444,7 @@ module Vagrant
      end

      # If we have a private key in our data dir, then use that
-      if @data_dir
+      if @data_dir && !@config.ssh.private_key_path
        data_private_key = @data_dir.join("private_key")
        if data_private_key.file?
          info[:private_key_path] = [data_private_key.to_s]
--- a/test/unit/vagrant/machine_test.rb
+++ b/test/unit/vagrant/machine_test.rb
@ -667,6 +667,17 @@ describe Vagrant::Machine do
        expect(instance.ssh_info[:password]).to eql("")
      end

+      it "should return the private key in the Vagrantfile if the data dir exists" do
+        provider_ssh_info[:private_key_path] = nil
+        instance.config.ssh.private_key_path = "/foo"
+
+        instance.data_dir.join("private_key").open("w+") do |f|
+          f.write("hey")
+        end
+
+        expect(instance.ssh_info[:private_key_path]).to eql(["/foo"])
+      end
+
      context "with no data dir" do
        let(:base)     { true }
        let(:data_dir) { nil }