def convert_sshpubkey_post(entry_attrs): pubkeys = entry_attrs.get('ipasshpubkey') if not pubkeys: return newpubkeys = [] fingerprints = [] for pubkey in pubkeys: try: pubkey = SSHPublicKey(pubkey) except (ValueError, UnicodeDecodeError): continue fp = pubkey.fingerprint_hex_sha256() comment = pubkey.comment() if comment: fp = u'%s %s' % (fp, comment) fp = u'%s (%s)' % (fp, pubkey.keytype()) newpubkeys.append(pubkey.openssh()) fingerprints.append(fp) if 'ipasshpubkey' in entry_attrs: entry_attrs['ipasshpubkey'] = newpubkeys or None if fingerprints: entry_attrs['sshpubkeyfp'] = fingerprints
def convert_sshpubkey_post(entry_attrs): pubkeys = entry_attrs.get("ipasshpubkey") if not pubkeys: return newpubkeys = [] fingerprints = [] for pubkey in pubkeys: try: pubkey = SSHPublicKey(pubkey) except (ValueError, UnicodeDecodeError): continue fp = pubkey.fingerprint_hex_md5() comment = pubkey.comment() if comment: fp = u"%s %s" % (fp, comment) fp = u"%s (%s)" % (fp, pubkey.keytype()) newpubkeys.append(pubkey.openssh()) fingerprints.append(fp) if "ipasshpubkey" in entry_attrs: entry_attrs["ipasshpubkey"] = newpubkeys or None if fingerprints: entry_attrs["sshpubkeyfp"] = fingerprints
def convert_sshpubkey_post(ldap, dn, entry_attrs): if 'ipasshpubkey' in entry_attrs: pubkeys = entry_attrs['ipasshpubkey'] else: old_entry_attrs = ldap.get_entry(dn, ['ipasshpubkey']) pubkeys = old_entry_attrs.get('ipasshpubkey') if not pubkeys: return newpubkeys = [] fingerprints = [] for pubkey in pubkeys: try: pubkey = SSHPublicKey(pubkey) except ValueError as UnicodeDecodeError: continue fp = pubkey.fingerprint_hex_md5() comment = pubkey.comment() if comment: fp = u'%s %s' % (fp, comment) fp = u'%s (%s)' % (fp, pubkey.keytype()) newpubkeys.append(pubkey.openssh()) fingerprints.append(fp) if 'ipasshpubkey' in entry_attrs: entry_attrs['ipasshpubkey'] = newpubkeys or None if fingerprints: entry_attrs['sshpubkeyfp'] = fingerprints
def validate_sshpubkey_no_options(ugettext, value): try: pubkey = SSHPublicKey(value) except ValueError as UnicodeDecodeError: return _('invalid SSH public key') if pubkey.has_options(): return _('options are not allowed')
def validate_sshpubkey_no_options(ugettext, value): try: pubkey = SSHPublicKey(value) except (ValueError, UnicodeDecodeError): return _("invalid SSH public key") if pubkey.has_options(): return _("options are not allowed")
def sshfp(x): """Transform a public ssh key into the ipa style fingerprint.""" if type(x) == type([]): return [sshfp(i) for i in x] # recurse # this code is the algorithm used in: ipalib/util.py pubkey = SSHPublicKey(x) fp = pubkey.fingerprint_hex_md5() comment = pubkey.comment() if comment: fp = u'%s %s' % (fp, comment) fp = u'%s (%s)' % (fp, pubkey.keytype()) return fp
def validate_sshpubkey(ugettext, value): try: SSHPublicKey(value) except (ValueError, UnicodeDecodeError): return _('invalid SSH public key') else: return None
def convert_sshpubkey_post(ldap, dn, entry_attrs): if 'ipasshpubkey' in entry_attrs: pubkeys = entry_attrs['ipasshpubkey'] else: old_entry_attrs = ldap.get_entry(dn, ['ipasshpubkey']) pubkeys = old_entry_attrs.get('ipasshpubkey') if not pubkeys: return newpubkeys = [] fingerprints = [] for pubkey in pubkeys: try: pubkey = SSHPublicKey(pubkey) except ValueError, UnicodeDecodeError: continue fp = pubkey.fingerprint_hex_md5() comment = pubkey.comment() if comment: fp = u'%s %s' % (fp, comment) fp = u'%s (%s)' % (fp, pubkey.keytype()) newpubkeys.append(pubkey.openssh()) fingerprints.append(fp)
def update_sshfp_record(zone, record, entry_attrs): if 'ipasshpubkey' not in entry_attrs: return pubkeys = entry_attrs['ipasshpubkey'] or () sshfps=[] for pubkey in pubkeys: try: sshfp = SSHPublicKey(pubkey).fingerprint_dns_sha1() except ValueError, UnicodeDecodeError: continue if sshfp is not None: sshfps.append(sshfp)
def normalize_sshpubkey(value): return SSHPublicKey(value).openssh()
def validate_sshpubkey_no_options(ugettext, value): try: pubkey = SSHPublicKey(value) except ValueError, UnicodeDecodeError: return _('invalid SSH public key')