Current File : //lib/python2.7/site-packages/cloudinit/ssh_util.pyc
�
oB�]c@sddlZddlZddlmZddlmZeje�ZdZ	d)Z
dZdefd��YZ
defd��YZd�Zd�Zd�Zd�Ze	d �Zdd!�Zd"efd#��YZd$�Zd%�Zd&�Ze	d'�Zd(�ZdS(*i����N(tlog(tutils/etc/ssh/sshd_configtdsatecdsasecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comted25519trsasrsa-sha2-256srsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.comsssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.coms�no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10"tAuthKeyLinecBs/eZddddd�Zd�Zd�ZRS(cCs1||_||_||_||_||_dS(N(tbase64tcommenttoptionstkeytypetsource(tselfRR
RRR	((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__init__3s
				cCs|jo|jS(N(RR
(R((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytvalid;scCs�g}|jr"|j|j�n|jr>|j|j�n|jrZ|j|j�n|jrv|j|j�n|s�|jSdj|�SdS(Nt (R	tappendR
RRRtjoin(Rttoks((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__str__>s				N(t__name__t
__module__tNoneR
RR(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR2s	tAuthKeyLineParsercBs#eZdZd�Zdd�ZRS(s�
    AUTHORIZED_KEYS FILE FORMAT
     AuthorizedKeysFile specifies the file containing public keys for public
     key authentication; if none is specified, the default is
     ~/.ssh/authorized_keys.  Each line of the file contains one key (empty
     (because of the size of the public key encoding) up to a limit of 8 kilo-
     bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16
     kilobits.  You don't want to type them in; instead, copy the
     identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it.

     sshd enforces a minimum RSA key modulus size for protocol 1 and protocol
     2 keys of 768 bits.

     The options (if present) consist of comma-separated option specifica-
     tions.  No spaces are permitted, except within double quotes.  The fol-
     lowing option specifications are supported (note that option keywords are
     case-insensitive):
    cCs�t}d}x�|t|�kr�|s7||dkr�||}|dt|�kre|d}Pn||d}|dkr�|dkr�|d}n|dkr�|}n|d}qW|d|!}||j�}||fS(s�
        The options (if present) consist of comma-separated option specifica-
         tions.  No spaces are permitted, except within double quotes.
         Note that option keywords are case-insensitive.
        iRs	is\t"(Rs	(tFalsetlentlstrip(RtenttquotedtitcurctnextcR	tremain((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt_extract_optionsbs"




cCs�|jd�}|jd�s0|j�dkr:t|�Sd�}|j�}y||�\}}}Wnotk
r�|j|�\}	}
|dkr�|	}ny||
�\}}}Wq�tk
r�t|�SXnXt|d|d|d|d|�S(	Ns
t#tcSs�|jdd�}t|�dkr=tdt|���n|dtkrdtd|d��nt|�dkr�|jd�n|S(NisTo few fields: %sisInvalid keytype %sR$(tsplitRRt	TypeErrortVALID_KEY_TYPESR(RR((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt
parse_ssh_key�sR
RRR	(trstript
startswithtstripRR&R"R(Rtsrc_lineR	tlineR(RR
RRtkeyoptsR!((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse}s"!
	
	
N(RRt__doc__R"RR/(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRNs	cCs�g}t�}g}x�|D]�}yUtjj|�rvtj|�j�}x'|D]}|j|j|��qSWnWqt	t
fk
r�tjtd|�qXqW|S(NsError reading lines from %s(
RtostpathtisfileRt	load_filet
splitlinesRR/tIOErrortOSErrortlogexctLOG(tfnamestlinestparsertcontentstfnameR-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_authorized_keys�s	

!c	Cstg|D]}|j�r
|^q
�}x�tdt|��D]t}||}|j�scqAnxE|D]=}|j|jkrj|}||kr�|j|�q�qjqjW|||<qAWx|D]}|j|�q�Wg|D]}t|�^q�}|jd�dj|�S(NiR$s
(	tlistRtrangeRRtremoveRtstrR(	told_entriestkeystktto_addRRtkeytbR;((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytupdate_authorized_keys�s +



cCsOtj|�}|s |jr3td|��ntjj|jd�|fS(Ns"Unable to get ssh info for user %rs.ssh(tpwdtgetpwnamtpw_dirtRuntimeErrorR1R2R(tusernametpw_ent((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytusers_ssh_info�sc	Cs�d|fd|fdf}|s*d}n|j�}g}xk|D]c}x&|D]\}}|j||�}qPW|jd�s�tjj||�}n|j|�qCW|S(Ns%hs%us%%t%s%h/.ssh/authorized_keyst/(s%%RR(R%treplaceR*R1R2RR(	tvaluethomedirROtmacrostpathstrenderedR2tmacrotfield((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytrender_authorizedkeysfile_paths�s	
c
Cs�t|�\}}tjj|d�}g}tj|dt��ty1t|�}t|j	dd�|j
|�}Wn;ttfk
r�||d<tj
tdt|d�nXWdQX|t|�fS(Ntauthorized_keyst	recursivetauthorizedkeysfiles%h/.ssh/authorized_keysishFailed extracting 'AuthorizedKeysFile' in ssh config from %r, using 'AuthorizedKeysFile' file %r instead(RQR1R2RRtSeLinuxGuardtTruetparse_ssh_config_mapR\tgetRMR6R7R8R9tDEF_SSHD_CFGR?(ROt
sshd_cfg_filetssh_dirRPtdefault_authorizedkeys_filetauth_key_fnstssh_cfg((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytextract_authorized_keys�s
c	Cs$t|�\}}tjj|�sStj|dd�tj||j|j�nt	�}g}x0|D](}|j
|jt|�d|��qiWt
|�\}}	tj|dt��bt|	|�}
tjtjj|�dd�tj||
dd�tj||j|j�WdQXdS(Ntmodei�R	R^i�(RQR1R2tisdirRt
ensure_dirt	chownbyidtpw_uidtpw_gidRRR/RCRjR`RaRJtdirnamet
write_file(REROR	RftpwentR<tkey_entriesRFtauth_key_fntauth_key_entriestcontent((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytsetup_user_keyss	
&tSshdConfigLinecBs/eZddd�Zed��Zd�ZRS(cCs||_||_||_dS(N(R-t_keyRU(RR-RFtv((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR
s		cCs |jdkrdS|jj�S(N(RzRtlower(R((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRHscCsV|jdkrt|j�St|j�}|jrN|dt|j�7}n|SdS(NR(RzRRCR-RU(RR{((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR#s
	N(RRRR
tpropertyRHR(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRyscCs/tjj|�sgSttj|�j��S(N(R1R2R3tparse_ssh_config_linesRR4R5(R>((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_ssh_config-scCs�g}x�|D]�}|j�}|s5|jd�rN|jt|��q
ny|jdd�\}}Wn)tk
r�|jdd�\}}nX|jt|||��q
W|S(NR#it=(R+R*RRyR%Rt
ValueError(R;tretR-RHtval((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR~3s

cCsPt|�}|siSi}x-|D]%}|js8q#n|j||j<q#W|S(N(RRHRU(R>R;R�R-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRbFs
	cCsvt|�}td|d|�}|rftj|djg|D]}t|�^q=�ddt�nt|�dkS(s�Read fname, and update if changes are necessary.

    @param updates: dictionary of desired values {Option: value}
    @return: boolean indicating if an update was done.R;tupdatess
t	copy_modei(Rtupdate_ssh_config_linesRRrRRCRaR(R�R>R;tchangedtl((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytupdate_ssh_configRs9c
Cs�t�}g}tg|j�D]}|j�|f^q�}x�t|dd�D]�\}}|jsnqSn|j|krS||j}||}	|j|�|j|	kr�tj	d|||	�q�|j
|�tj	d|||j|	�|	|_qSqSWt|�t|�kr�xq|j�D]`\}}	||krEq'n|j
|�|j
t
d||	��tj	dt|�||	�q'Wn|S(s�Update the ssh config lines per updates.

    @param lines: array of SshdConfigLine.  This array is updated in place.
    @param updates: dictionary of desired values {Option: value}
    @return: A list of keys in updates that were changed.tstartis$line %d: option %s already set to %ss#line %d: option %s updated %s -> %sR$s line %d: option %s added with %s(tsettdictRER|t	enumerateRHtaddRUR9tdebugRRtitemsRy(
R;R�tfoundR�RFtcasemapRR-RHRU((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR�_s4	1	


	

	(RRsecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comRRsrsa-sha2-256srsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.comsssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.com(R1RKt	cloudinitRtloggingRt	getLoggerRR9RdR'tDISABLE_USER_OPTStobjectRRR?RJRQR\RjRRxRyRR~RbR�R�(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt<module>	sLU