oB]c@s ddlZddlZddlmZddlmZejeZdZ d)Z dZ de fdYZ de fdYZdZdZdZdZe d Zdd!Zd"e fd#YZd$Zd%Zd&Ze d'Zd(ZdS(*iN(tlog(tutils/etc/ssh/sshd_configtdsatecdsasecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comted25519trsas rsa-sha2-256s rsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.coms ssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.comsno-port-forwarding,no-agent-forwarding,no-X11-forwarding,command="echo 'Please login as the user \"$USER\" rather than the user \"$DISABLE_USER\".';echo;sleep 10"t AuthKeyLinecBs/eZdddddZdZdZRS(cCs1||_||_||_||_||_dS(N(tbase64tcommenttoptionstkeytypetsource(tselfR R RRR ((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__init__3s     cCs|jo|jS(N(RR (R ((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytvalid;scCsg}|jr"|j|jn|jr>|j|jn|jrZ|j|jn|jrv|j|jn|s|jSdj|SdS(Nt (R tappendR RRR tjoin(R ttoks((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt__str__>s    N(t__name__t __module__tNoneR RR(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR2s tAuthKeyLineParsercBs#eZdZdZddZRS(s AUTHORIZED_KEYS FILE FORMAT AuthorizedKeysFile specifies the file containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys. Each line of the file contains one key (empty (because of the size of the public key encoding) up to a limit of 8 kilo- bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 kilobits. You don't want to type them in; instead, copy the identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it. sshd enforces a minimum RSA key modulus size for protocol 1 and protocol 2 keys of 768 bits. The options (if present) consist of comma-separated option specifica- tions. No spaces are permitted, except within double quotes. The fol- lowing option specifications are supported (note that option keywords are case-insensitive): cCst}d}x|t|kr|s7||dkr||}|dt|kre|d}Pn||d}|dkr|dkr|d}n|dkr| }n|d}qW|d|!}||j}||fS(s The options (if present) consist of comma-separated option specifica- tions. No spaces are permitted, except within double quotes. Note that option keywords are case-insensitive. iRs is\t"(Rs (tFalsetlentlstrip(R tenttquotedtitcurctnextcR tremain((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt_extract_optionsbs"      c Cs|jd}|jds0|jdkr:t|Sd}|j}y||\}}}Wnotk r|j|\} } |dkr| }ny|| \}}}Wqtk rt|SXnXt|d|d|d|d|S( Ns t#tcSs|jdd}t|dkr=tdt|n|dtkrdtd|dnt|dkr|jdn|S(NisTo few fields: %sisInvalid keytype %sR$(tsplitRRt TypeErrortVALID_KEY_TYPESR(RR((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt parse_ssh_keysR RRR (trstript startswithtstripRR&R"R( R tsrc_lineR tlineR(RR RRtkeyoptsR!((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse}s"!       N(RRt__doc__R"RR/(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRNs cCsg}t}g}x|D]}yUtjj|rvtj|j}x'|D]}|j|j|qSWnWqt t fk rtj t d|qXqW|S(NsError reading lines from %s( RtostpathtisfileRt load_filet splitlinesRR/tIOErrortOSErrortlogexctLOG(tfnamestlinestparsertcontentstfnameR-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_authorized_keyss   !c Cstg|D]}|jr |^q }xtdt|D]t}||}|jscqAnxE|D]=}|j|jkrj|}||kr|j|qqjqjW|||((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytparse_ssh_config-scCsg}x|D]}|j}| s5|jdrN|jt|q ny|jdd\}}Wn)tk r|jdd\}}nX|jt|||q W|S(NR#it=(R+R*RRyR%Rt ValueError(R;tretR-RHtval((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR~3s   cCsPt|}|siSi}x-|D]%}|js8q#n|j||jR;RR-((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyRbFs   cCsvt|}td|d|}|rftj|djg|D]}t|^q=ddtnt|dkS(sRead fname, and update if changes are necessary. @param updates: dictionary of desired values {Option: value} @return: boolean indicating if an update was done.R;tupdatess t copy_modei(Rtupdate_ssh_config_linesRRrRRCRaR(RR>R;tchangedtl((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pytupdate_ssh_configRs  9c Cst}g}tg|jD]}|j|f^q}xt|ddD]\}}|jsnqSn|j|krS||j}||} |j||j| krtj d||| q|j |tj d|||j| | |_qSqSWt |t |krxq|j D]`\}} ||krEq'n|j ||j t d|| tj dt ||| q'Wn|S(sUpdate the ssh config lines per updates. @param lines: array of SshdConfigLine. This array is updated in place. @param updates: dictionary of desired values {Option: value} @return: A list of keys in updates that were changed.tstartis$line %d: option %s already set to %ss#line %d: option %s updated %s -> %sR$s line %d: option %s added with %s(tsettdictRER|t enumerateRHtaddRUR9tdebugRRtitemsRy( R;RtfoundRRFtcasemapRR-RHRU((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyR_s4 1          (RRsecdsa-sha2-nistp256s(ecdsa-sha2-nistp256-cert-v01@openssh.comsecdsa-sha2-nistp384s(ecdsa-sha2-nistp384-cert-v01@openssh.comsecdsa-sha2-nistp521s(ecdsa-sha2-nistp521-cert-v01@openssh.comRRs rsa-sha2-256s rsa-sha2-512sssh-dsssssh-dss-cert-v01@openssh.coms ssh-ed25519s ssh-ed25519-cert-v01@openssh.comsssh-rsasssh-rsa-cert-v01@openssh.com(R1RKt cloudinitRtloggingRt getLoggerRR9RdR'tDISABLE_USER_OPTStobjectRRR?RJRQR\RjRRxRyRR~RbRR(((s6/usr/lib/python2.7/site-packages/cloudinit/ssh_util.pyt sL  U