def BuildStructures(self, metadata):
"""Build structures for client described by metadata."""
ret = lxml.etree.Element("Independent", version='2.0')
fragments = reduce(lambda x, y: x + y,
[base.Match(metadata) for base
in list(self.entries.values())], [])
[ret.append(copy.copy(frag)) for frag in fragments]
return [ret]
def GetStructures(self, metadata):
"""Get all structures for client specified by metadata."""
structures = reduce(lambda x, y: x + y,
[struct.BuildStructures(metadata)
for struct in self.structures], [])
sbundles = [b.get('name') for b in structures if b.tag == 'Bundle']
missing = [b for b in metadata.bundles if b not in sbundles]
if missing:
self.logger.error("Client %s configuration missing bundles: %s" %
(metadata.hostname, ':'.join(missing)))
return structures
def get_skn(self):
"""Build memory cache of the ssh known hosts file."""
if not self.__skn:
# if no metadata is registered yet, defer
if len(self.core.metadata.query.all()) == 0:
self.__skn = False
return self.__skn
skn = [s.data.decode().rstrip()
for s in list(self.static.values())]
mquery = self.core.metadata.query
# build hostname cache
names = dict()
for cmeta in mquery.all():
names[cmeta.hostname] = set([cmeta.hostname])
names[cmeta.hostname].update(cmeta.aliases)
newnames = set()
newips = set()
for name in names[cmeta.hostname]:
newnames.add(name.split('.')[0])
try:
newips.add(self.get_ipcache_entry(name)[0])
except:
continue
names[cmeta.hostname].update(newnames)
names[cmeta.hostname].update(cmeta.addresses)
names[cmeta.hostname].update(newips)
# TODO: Only perform reverse lookups on IPs if an option is set.
if True:
for ip in newips:
try:
names[cmeta.hostname].update(self.get_namecache_entry(ip))
except:
continue
names[cmeta.hostname] = sorted(names[cmeta.hostname])
pubkeys = [pubk for pubk in list(self.entries.keys())
if pubk.endswith('.pub')]
pubkeys.sort()
for pubkey in pubkeys:
for entry in sorted(self.entries[pubkey].entries.values(),
key=lambda e: e.specific.hostname or e.specific.group):
specific = entry.specific
hostnames = []
if specific.hostname and specific.hostname in names:
hostnames = names[specific.hostname]
elif specific.group:
hostnames = \
reduce(lambda x, y: x + y,
[names[cmeta.hostname]
for cmeta in \
mquery.by_groups([specific.group])], [])
elif specific.all:
# a generic key for all hosts? really?
hostnames = reduce(lambda x, y: x + y,
list(names.values()), [])
if not hostnames:
if specific.hostname:
key = specific.hostname
ktype = "host"
elif specific.group:
key = specific.group
ktype = "group"
else:
# user has added a global SSH key, but
# have no clients yet. don't warn about
# this.
continue
if key not in self.badnames:
self.badnames[key] = True
self.logger.info("Ignoring key for unknown %s %s" %
(ktype, key))
continue
skn.append("%s %s" % (','.join(hostnames),
entry.data.rstrip()))
self.__skn = "\n".join(skn) + "\n"
return self.__skn
