Beispiel #1
0
def convert_sshpubkey_post(entry_attrs):
    pubkeys = entry_attrs.get('ipasshpubkey')
    if not pubkeys:
        return

    newpubkeys = []
    fingerprints = []
    for pubkey in pubkeys:
        try:
            pubkey = SSHPublicKey(pubkey)
        except (ValueError, UnicodeDecodeError):
            continue

        fp = pubkey.fingerprint_hex_sha256()
        comment = pubkey.comment()
        if comment:
            fp = u'%s %s' % (fp, comment)
        fp = u'%s (%s)' % (fp, pubkey.keytype())

        newpubkeys.append(pubkey.openssh())
        fingerprints.append(fp)

    if 'ipasshpubkey' in entry_attrs:
        entry_attrs['ipasshpubkey'] = newpubkeys or None
    if fingerprints:
        entry_attrs['sshpubkeyfp'] = fingerprints
Beispiel #2
0
def convert_sshpubkey_post(entry_attrs):
    pubkeys = entry_attrs.get("ipasshpubkey")
    if not pubkeys:
        return

    newpubkeys = []
    fingerprints = []
    for pubkey in pubkeys:
        try:
            pubkey = SSHPublicKey(pubkey)
        except (ValueError, UnicodeDecodeError):
            continue

        fp = pubkey.fingerprint_hex_md5()
        comment = pubkey.comment()
        if comment:
            fp = u"%s %s" % (fp, comment)
        fp = u"%s (%s)" % (fp, pubkey.keytype())

        newpubkeys.append(pubkey.openssh())
        fingerprints.append(fp)

    if "ipasshpubkey" in entry_attrs:
        entry_attrs["ipasshpubkey"] = newpubkeys or None
    if fingerprints:
        entry_attrs["sshpubkeyfp"] = fingerprints
Beispiel #3
0
def convert_sshpubkey_post(ldap, dn, entry_attrs):
    if 'ipasshpubkey' in entry_attrs:
        pubkeys = entry_attrs['ipasshpubkey']
    else:
        old_entry_attrs = ldap.get_entry(dn, ['ipasshpubkey'])
        pubkeys = old_entry_attrs.get('ipasshpubkey')
    if not pubkeys:
        return

    newpubkeys = []
    fingerprints = []
    for pubkey in pubkeys:
        try:
            pubkey = SSHPublicKey(pubkey)
        except ValueError as UnicodeDecodeError:
            continue

        fp = pubkey.fingerprint_hex_md5()
        comment = pubkey.comment()
        if comment:
            fp = u'%s %s' % (fp, comment)
        fp = u'%s (%s)' % (fp, pubkey.keytype())

        newpubkeys.append(pubkey.openssh())
        fingerprints.append(fp)

    if 'ipasshpubkey' in entry_attrs:
        entry_attrs['ipasshpubkey'] = newpubkeys or None
    if fingerprints:
        entry_attrs['sshpubkeyfp'] = fingerprints
Beispiel #4
0
def validate_sshpubkey_no_options(ugettext, value):
    try:
        pubkey = SSHPublicKey(value)
    except ValueError as UnicodeDecodeError:
        return _('invalid SSH public key')

    if pubkey.has_options():
        return _('options are not allowed')
Beispiel #5
0
def validate_sshpubkey_no_options(ugettext, value):
    try:
        pubkey = SSHPublicKey(value)
    except (ValueError, UnicodeDecodeError):
        return _("invalid SSH public key")

    if pubkey.has_options():
        return _("options are not allowed")
Beispiel #6
0
def sshfp(x):
	"""Transform a public ssh key into the ipa style fingerprint."""
	if type(x) == type([]):
		return [sshfp(i) for i in x]			# recurse

	# this code is the algorithm used in: ipalib/util.py
	pubkey = SSHPublicKey(x)
	fp = pubkey.fingerprint_hex_md5()
	comment = pubkey.comment()
	if comment: fp = u'%s %s' % (fp, comment)
	fp = u'%s (%s)' % (fp, pubkey.keytype())
	return fp
Beispiel #7
0
def validate_sshpubkey(ugettext, value):
    try:
        SSHPublicKey(value)
    except (ValueError, UnicodeDecodeError):
        return _('invalid SSH public key')
    else:
        return None
Beispiel #8
0
def convert_sshpubkey_post(entry_attrs):
    pubkeys = entry_attrs.get('ipasshpubkey')
    if not pubkeys:
        return

    newpubkeys = []
    fingerprints = []
    for pubkey in pubkeys:
        try:
            pubkey = SSHPublicKey(pubkey)
        except (ValueError, UnicodeDecodeError):
            continue

        fp = pubkey.fingerprint_hex_sha256()
        comment = pubkey.comment()
        if comment:
            fp = u'%s %s' % (fp, comment)
        fp = u'%s (%s)' % (fp, pubkey.keytype())

        newpubkeys.append(pubkey.openssh())
        fingerprints.append(fp)

    if 'ipasshpubkey' in entry_attrs:
        entry_attrs['ipasshpubkey'] = newpubkeys or None
    if fingerprints:
        entry_attrs['sshpubkeyfp'] = fingerprints
Beispiel #9
0
def convert_sshpubkey_post(ldap, dn, entry_attrs):
    if 'ipasshpubkey' in entry_attrs:
        pubkeys = entry_attrs['ipasshpubkey']
    else:
        old_entry_attrs = ldap.get_entry(dn, ['ipasshpubkey'])
        pubkeys = old_entry_attrs.get('ipasshpubkey')
    if not pubkeys:
        return

    newpubkeys = []
    fingerprints = []
    for pubkey in pubkeys:
        try:
            pubkey = SSHPublicKey(pubkey)
        except ValueError, UnicodeDecodeError:
            continue

        fp = pubkey.fingerprint_hex_md5()
        comment = pubkey.comment()
        if comment:
            fp = u'%s %s' % (fp, comment)
        fp = u'%s (%s)' % (fp, pubkey.keytype())

        newpubkeys.append(pubkey.openssh())
        fingerprints.append(fp)
Beispiel #10
0
def update_sshfp_record(zone, record, entry_attrs):
    if 'ipasshpubkey' not in entry_attrs:
        return

    pubkeys = entry_attrs['ipasshpubkey'] or ()
    sshfps=[]
    for pubkey in pubkeys:
        try:
            sshfp = SSHPublicKey(pubkey).fingerprint_dns_sha1()
        except ValueError, UnicodeDecodeError:
            continue
        if sshfp is not None:
            sshfps.append(sshfp)
Beispiel #11
0
def normalize_sshpubkey(value):
    return SSHPublicKey(value).openssh()
Beispiel #12
0
def validate_sshpubkey_no_options(ugettext, value):
    try:
        pubkey = SSHPublicKey(value)
    except ValueError, UnicodeDecodeError:
        return _('invalid SSH public key')