ó oBú]c@s ddlZddlZddlmZddlmZejeƒZdZ d)Z dZ de fd„ƒYZ de fd„ƒYZd„Zd„Zd„Zd„Ze d „Zdd!„Zd"e fd#„ƒYZd$„Zd%„Zd&„Ze d'„Zd(„ZdS(*iÿÿÿÿN(tlog(tutils/etc/ssh/sshd_configtdsatecdsasecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comted25519trsas rsa-sha2-256s rsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.coms ssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.coms¢no-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10"t AuthKeyLinecBs/eZddddd„Zd„Zd„ZRS(cCs1||_||_||_||_||_dS(N(tbase64tcommenttoptionstkeytypetsource(tselfR R RRR ((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__init__3s     cCs|jo|jS(N(RR (R ((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytvalid;scCs”g}|jr"|j|jƒn|jr>|j|jƒn|jrZ|j|jƒn|jrv|j|jƒn|sƒ|jSdj|ƒSdS(Nt (R tappendR RRR tjoin(R ttoks((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__str__>s    N(t__name__t __module__tNoneR RR(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR2s tAuthKeyLineParsercBs#eZdZd„Zdd„ZRS(s‚ AUTHORIZED_KEYS FILE FORMAT AuthorizedKeysFile specifies the file containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys. Each line of the file contains one key (empty (because of the size of the public key encoding) up to a limit of 8 kilo- bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 kilobits. You don't want to type them in; instead, copy the identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it. sshd enforces a minimum RSA key modulus size for protocol 1 and protocol 2 keys of 768 bits. The options (if present) consist of comma-separated option specifica- tions. No spaces are permitted, except within double quotes. The fol- lowing option specifications are supported (note that option keywords are case-insensitive): cCsãt}d}x­|t|ƒkr»|s7||dkr»||}|dt|ƒkre|d}Pn||d}|dkr˜|dkr˜|d}n|dkr®| }n|d}qW|d|!}||jƒ}||fS(s× The options (if present) consist of comma-separated option specifica- tions. No spaces are permitted, except within double quotes. Note that option keywords are case-insensitive. iRs is\t"(Rs (tFalsetlentlstrip(R tenttquotedtitcurctnextcR tremain((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt_extract_optionsbs"      c Csü|jdƒ}|jdƒs0|jƒdkr:t|ƒSd„}|jƒ}y||ƒ\}}}Wnotk rÙ|j|ƒ\} } |dkr¢| }ny|| ƒ\}}}WqÚtk rÕt|ƒSXnXt|d|d|d|d|ƒS( Ns t#tcSsŠ|jddƒ}t|ƒdkr=tdt|ƒƒ‚n|dtkrdtd|dƒ‚nt|ƒdkr†|jdƒn|S(NisTo few fields: %sisInvalid keytype %sR$(tsplitRRt TypeErrortVALID_KEY_TYPESR(RR((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt parse_ssh_keyƒsR RRR (trstript startswithtstripRR&R"R( R tsrc_lineR tlineR(RR RRtkeyoptsR!((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse}s"!       N(RRt__doc__R"RR/(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRNs cCs¬g}tƒ}g}x|D]ˆ}yUtjj|ƒrvtj|ƒjƒ}x'|D]}|j|j|ƒƒqSWnWqt t fk r£tj t d|ƒqXqW|S(NsError reading lines from %s( RtostpathtisfileRt load_filet splitlinesRR/tIOErrortOSErrortlogexctLOG(tfnamestlinestparsertcontentstfnameR-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_authorized_keys£s   !c Cstg|D]}|jƒr |^q ƒ}x‹tdt|ƒƒD]t}||}|jƒscqAnxE|D]=}|j|jkrj|}||kr§|j|ƒq§qjqjW|||((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_ssh_config-scCs·g}xª|D]¢}|jƒ}| s5|jdƒrN|jt|ƒƒq ny|jddƒ\}}Wn)tk r•|jddƒ\}}nX|jt|||ƒƒq W|S(NR#it=(R+R*RRyR%Rt ValueError(R;tretR-RHtval((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR~3s   cCsPt|ƒ}|siSi}x-|D]%}|js8q#n|j||jR;R‚R-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRbFs   cCsvt|ƒ}td|d|ƒ}|rftj|djg|D]}t|ƒ^q=ƒddtƒnt|ƒdkS(s©Read fname, and update if changes are necessary. @param updates: dictionary of desired values {Option: value} @return: boolean indicating if an update was done.R;tupdatess t copy_modei(Rtupdate_ssh_config_linesRRrRRCRaR(R„R>R;tchangedtl((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytupdate_ssh_configRs  9c Cs’tƒ}g}tg|jƒD]}|jƒ|f^qƒ}x¿t|ddƒD]«\}}|jsnqSn|j|krS||j}||} |j|ƒ|j| krÉtj d||| ƒqþ|j |ƒtj d|||j| ƒ| |_qSqSWt |ƒt |ƒkrŽxq|j ƒD]`\}} ||krEq'n|j |ƒ|j t d|| ƒƒtj dt |ƒ|| ƒq'Wn|S(sðUpdate the ssh config lines per updates. @param lines: array of SshdConfigLine. This array is updated in place. @param updates: dictionary of desired values {Option: value} @return: A list of keys in updates that were changed.tstartis$line %d: option %s already set to %ss#line %d: option %s updated %s -> %sR$s line %d: option %s added with %s(tsettdictRER|t enumerateRHtaddRUR9tdebugRRtitemsRy( R;R„tfoundR‡RFtcasemapRR-RHRU((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR†_s4 1          (RRsecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comRRs rsa-sha2-256s rsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.coms ssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.com(R1RKt cloudinitRtloggingRt getLoggerRR9RdR'tDISABLE_USER_OPTStobjectRRR?RJRQR\RjRRxRyRR~RbR‰R†(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt sL  U