authorSol Jerome <solj@ices.utexas.edu>2010-03-25 21:10:13 +0000
committerSol Jerome <solj@ices.utexas.edu>2010-03-25 17:19:44 -0500
commitf7cdad6b141b86eeb6e52c0ba590f475d166aa65 (patch)
treeb22fd3a8538e4db0da2bdb27068963c8f519e90c /src
parent5d3338b5da94a1e884ca5328bfa3df8cc2107e3b (diff)
SSHbase: Generate known_hosts file in consistent order (Patch from Lee Loucks)
From Ticket #869: Because the order of a python set is dependent on the order of the hash of entries of that set, the get_skn method generates entries in the ssh_known_hosts with the names ordered according to their hash instead of a consistent (from the user point of view) order. Some entries are IP, hostname and other entries are hostname, IP. This patch corrects that. Signed-off-by: Sol Jerome <solj@ices.utexas.edu> git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5793 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src')
-rw-r--r--src/lib/Server/Plugins/SSHbase.py63
1 files changed, 32 insertions, 31 deletions
diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py
index d66a458ca..4e26001c1 100644
--- a/src/lib/Server/Plugins/SSHbase.py
+++ b/src/lib/Server/Plugins/SSHbase.py
@@ -64,7 +64,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
'/etc/ssh/ssh_host_key': self.build_hk,
'/etc/ssh/ssh_host_key.pub': self.build_hk}}
self.ipcache = {}
- self.namecache = {}
+ self.namecache = {}
self.__skn = False
def get_skn(self):
@@ -82,7 +82,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
names[cmeta.hostname] = set([cmeta.hostname])
names[cmeta.hostname].update(cmeta.aliases)
newnames = set()
- newips = set()
+ newips = set()
for name in names[cmeta.hostname]:
newnames.add(name.split('.')[0])
try:
@@ -91,14 +91,15 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
continue
names[cmeta.hostname].update(newnames)
names[cmeta.hostname].update(cmeta.addresses)
- names[cmeta.hostname].update(newips)
- # TODO: Only perform reverse lookups on IPs if an option is set.
- if True:
- for ip in newips:
- try:
- names[cmeta.hostname].update(self.get_namecache_entry(ip))
- except:
- continue
+ names[cmeta.hostname].update(newips)
+ # TODO: Only perform reverse lookups on IPs if an option is set.
+ if True:
+ for ip in newips:
+ try:
+ names[cmeta.hostname].update(self.get_namecache_entry(ip))
+ except:
+ continue
+ names[cmeta.hostname] = sorted(names[cmeta.hostname])
# now we have our name cache
pubkeys = [pubk for pubk in self.entries.keys() \
if pubk.find('.pub.H_') != -1]
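Review bot: The names returned by `self.get_namecache_entry(ip)` come from reverse DNS and are merged into `names[cmeta.hostname]` without any check, and the `if True:` guard means this always happens. Per the commit message this set becomes the host's ssh_known_hosts names, so whoever controls the PTR record for a client address can get an extra hostname associated with that client's key; accepting a reverse name only when it resolves forward to the same `ip`, and putting the lookup behind the option the TODO mentions, would close that. The bare `except:` around the call also hides every failure, including programming errors; `except (socket.gaierror, socket.herror):` would keep the best-effort behaviour. After `sorted(...)` the value is a list rather than a set, so any later code in get_skn, which starts and continues outside this hunk, must not call set methods on it.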
@@ -170,27 +171,27 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
raise socket.gaierror
def get_namecache_entry(self, cip):
- '''build a cache of name lookups from client IP addresses'''
- if cip in self.namecache:
- # lookup cached name from IP
- if self.namecache[cip]:
- return self.namecache[cip]
- else:
- raise socket.gaierror
- else:
- # add an entry that has not been cached
- try:
- rvlookup = socket.gethostbyaddr(cip)
- if rvlookup[0]:
- self.namecache[cip] = [rvlookup[0]]
- else:
- self.namecache[cip] = []
- self.namecache[cip].extend(rvlookup[1])
- return self.namecache[cip]
- except socket.gaierror:
- self.namecache[cip] = False
- self.logger.error("Failed to find any names associated with IP address %s" % cip)
- raise
+ '''build a cache of name lookups from client IP addresses'''
+ if cip in self.namecache:
+ # lookup cached name from IP
+ if self.namecache[cip]:
+ return self.namecache[cip]
+ else:
+ raise socket.gaierror
+ else:
+ # add an entry that has not been cached
+ try:
+ rvlookup = socket.gethostbyaddr(cip)
+ if rvlookup[0]:
+ self.namecache[cip] = [rvlookup[0]]
+ else:
+ self.namecache[cip] = []
+ self.namecache[cip].extend(rvlookup[1])
+ return self.namecache[cip]
+ except socket.gaierror:
+ self.namecache[cip] = False
+ self.logger.error("Failed to find any names associated with IP address %s" % cip)
+ raise
def build_skn(self, entry, metadata):
'''This function builds builds a host specific known_hosts file'''
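Review bot: `except socket.gaierror:` in get_namecache_entry does not cover `socket.herror`, which is what `socket.gethostbyaddr` raises when an address has no reverse record, so in that common case `self.namecache[cip] = False` and the error log are both skipped. The exception still propagates and the bare `except:` in the caller hides it, but the miss is never cached and the same lookup is repeated on every call. Catching both, `except (socket.gaierror, socket.herror):`, makes the negative cache work as the inline comments describe. The docstring could also state that the function returns the cached list of names and raises on a failed or previously failed lookup.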