author | Sol Jerome <solj@ices.utexas.edu> | 2010-03-25 21:10:13 +0000 |
---|---|---|
committer | Sol Jerome <solj@ices.utexas.edu> | 2010-03-25 17:19:44 -0500 |
commit | f7cdad6b141b86eeb6e52c0ba590f475d166aa65 (patch) | |
tree | b22fd3a8538e4db0da2bdb27068963c8f519e90c /src | |
parent | 5d3338b5da94a1e884ca5328bfa3df8cc2107e3b (diff) | |
SSHbase: Generate known_hosts file in consistent order (Patch from Lee Loucks)
From Ticket #869:
Because the order of a python set is dependent on the order of the hash
of entries of that set, the get_skn method generates entries in the
ssh_known_hosts with the names ordered according to their hash instead of
a consistent (from the user point of view) order. Some entries are IP,
hostname and other entries are hostname, IP.
This patch corrects that.
Signed-off-by: Sol Jerome <solj@ices.utexas.edu>
git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5793 ce84e21b-d406-0410-9b95-82705330c041
Diffstat (limited to 'src')
-rw-r--r-- | src/lib/Server/Plugins/SSHbase.py | 63 |
1 files changed, 32 insertions, 31 deletions
diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py
index d66a458ca..4e26001c1 100644
--- a/src/lib/Server/Plugins/SSHbase.py
+++ b/src/lib/Server/Plugins/SSHbase.py
@@ -64,7 +64,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
 '/etc/ssh/ssh_host_key': self.build_hk,
 '/etc/ssh/ssh_host_key.pub': self.build_hk}}
 self.ipcache = {}
- self.namecache = {}
+ self.namecache = {}
 self.__skn = False
 def get_skn(self):
@@ -82,7 +82,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
 names[cmeta.hostname] = set([cmeta.hostname])
 names[cmeta.hostname].update(cmeta.aliases)
 newnames = set()
- newips = set()
+ newips = set()
 for name in names[cmeta.hostname]:
 newnames.add(name.split('.')[0])
 try:
@@ -91,14 +91,15 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
 continue
 names[cmeta.hostname].update(newnames)
 names[cmeta.hostname].update(cmeta.addresses)
- names[cmeta.hostname].update(newips)
- # TODO: Only perform reverse lookups on IPs if an option is set.
- if True:
- for ip in newips:
- try:
- names[cmeta.hostname].update(self.get_namecache_entry(ip))
- except:
- continue
+ names[cmeta.hostname].update(newips)
+ # TODO: Only perform reverse lookups on IPs if an option is set.
+ if True:
+ for ip in newips:
+ try:
+ names[cmeta.hostname].update(self.get_namecache_entry(ip))
+ except:
+ continue
+ names[cmeta.hostname] = sorted(names[cmeta.hostname])
 # now we have our name cache
 pubkeys = [pubk for pubk in self.entries.keys() \
 if pubk.find('.pub.H_') != -1]
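Review bot: The re-indented `except: continue` around `self.get_namecache_entry(ip)` in the `@@ -91,14 +91,15 @@` hunk is a bare except, so every failure of the reverse lookup is dropped silently; naming the expected errors, `except (socket.gaierror, socket.herror):`, would keep unrelated bugs visible. The handler in `get_namecache_entry` (the `@@ -170,27 +171,27 @@` hunk) catches only `socket.gaierror`, while `socket.gethostbyaddr` usually reports a failed reverse lookup as `socket.herror`, so the negative cache entry and the error log are probably skipped in that case. The names that lookup returns come from PTR records and are merged into the name set, which the commit message says ends up in ssh_known_hosts, without a forward lookup confirming them, and `if True:` makes this unconditional, so the option from the TODO is worth finishing. The added `names[cmeta.hostname] = sorted(names[cmeta.hostname])` also turns the set into a list; a comment such as `# sorted() returns a list; this entry is no longer a set from here on` would warn anyone who later calls `.update()` on it. get_skn starts and ends outside the hunk.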
@@ -170,27 +171,27 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
 raise socket.gaierror
 def get_namecache_entry(self, cip):
- '''build a cache of name lookups from client IP addresses'''
- if cip in self.namecache:
- # lookup cached name from IP
- if self.namecache[cip]:
- return self.namecache[cip]
- else:
- raise socket.gaierror
- else:
- # add an entry that has not been cached
- try:
- rvlookup = socket.gethostbyaddr(cip)
- if rvlookup[0]:
- self.namecache[cip] = [rvlookup[0]]
- else:
- self.namecache[cip] = []
- self.namecache[cip].extend(rvlookup[1])
- return self.namecache[cip]
- except socket.gaierror:
- self.namecache[cip] = False
- self.logger.error("Failed to find any names associated with IP address %s" % cip)
- raise
+ '''build a cache of name lookups from client IP addresses'''
+ if cip in self.namecache:
+ # lookup cached name from IP
+ if self.namecache[cip]:
+ return self.namecache[cip]
+ else:
+ raise socket.gaierror
+ else:
+ # add an entry that has not been cached
+ try:
+ rvlookup = socket.gethostbyaddr(cip)
+ if rvlookup[0]:
+ self.namecache[cip] = [rvlookup[0]]
+ else:
+ self.namecache[cip] = []
+ self.namecache[cip].extend(rvlookup[1])
+ return self.namecache[cip]
+ except socket.gaierror:
+ self.namecache[cip] = False
+ self.logger.error("Failed to find any names associated with IP address %s" % cip)
+ raise
 def build_skn(self, entry, metadata):
 '''This function builds builds a host specific known_hosts file'''
|