|
|
|
|
@ -207,73 +207,17 @@ class Connection(ConnectionBase):
|
|
|
|
|
stdin.close()
|
|
|
|
|
return (p.returncode, stdout, stderr)
|
|
|
|
|
|
|
|
|
|
def not_in_host_file(self, host):
|
|
|
|
|
if 'USER' in os.environ:
|
|
|
|
|
user_host_file = os.path.expandvars("~${USER}/.ssh/known_hosts")
|
|
|
|
|
else:
|
|
|
|
|
user_host_file = "~/.ssh/known_hosts"
|
|
|
|
|
user_host_file = os.path.expanduser(user_host_file)
|
|
|
|
|
|
|
|
|
|
host_file_list = []
|
|
|
|
|
host_file_list.append(user_host_file)
|
|
|
|
|
host_file_list.append("/etc/ssh/ssh_known_hosts")
|
|
|
|
|
host_file_list.append("/etc/ssh/ssh_known_hosts2")
|
|
|
|
|
|
|
|
|
|
hfiles_not_found = 0
|
|
|
|
|
for hf in host_file_list:
|
|
|
|
|
if not os.path.exists(hf):
|
|
|
|
|
hfiles_not_found += 1
|
|
|
|
|
continue
|
|
|
|
|
try:
|
|
|
|
|
host_fh = open(hf)
|
|
|
|
|
except IOError as e:
|
|
|
|
|
hfiles_not_found += 1
|
|
|
|
|
continue
|
|
|
|
|
else:
|
|
|
|
|
data = host_fh.read()
|
|
|
|
|
host_fh.close()
|
|
|
|
|
|
|
|
|
|
for line in data.split("\n"):
|
|
|
|
|
if line is None or " " not in line:
|
|
|
|
|
continue
|
|
|
|
|
tokens = line.split()
|
|
|
|
|
if not tokens:
|
|
|
|
|
continue
|
|
|
|
|
|
|
|
|
|
if isinstance(tokens, list) and tokens: # skip invalid hostlines
|
|
|
|
|
if tokens[0].find(self.HASHED_KEY_MAGIC) == 0:
|
|
|
|
|
# this is a hashed known host entry
|
|
|
|
|
try:
|
|
|
|
|
(kn_salt,kn_host) = tokens[0][len(self.HASHED_KEY_MAGIC):].split("|",2)
|
|
|
|
|
hash = hmac.new(kn_salt.decode('base64'), digestmod=sha1)
|
|
|
|
|
hash.update(host)
|
|
|
|
|
if hash.digest() == kn_host.decode('base64'):
|
|
|
|
|
return False
|
|
|
|
|
except:
|
|
|
|
|
# invalid hashed host key, skip it
|
|
|
|
|
continue
|
|
|
|
|
else:
|
|
|
|
|
# standard host file entry
|
|
|
|
|
if host in tokens[0]:
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
if (hfiles_not_found == len(host_file_list)):
|
|
|
|
|
self._display.vvv("EXEC previous known host file not found for {0}".format(host))
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def lock_host_keys(self, lock):
|
|
|
|
|
|
|
|
|
|
if C.HOST_KEY_CHECKING and self.not_in_host_file(self.host):
|
|
|
|
|
if lock:
|
|
|
|
|
action = fcntl.LOCK_EX
|
|
|
|
|
else:
|
|
|
|
|
action = fcntl.LOCK_UN
|
|
|
|
|
|
|
|
|
|
# lock around the initial SSH connectivity so the user prompt about whether to add
|
|
|
|
|
# the host to known hosts is not intermingled with multiprocess output.
|
|
|
|
|
# FIXME: move the locations of these lock files, same as init above, these came from runner, probably need to be in task_executor
|
|
|
|
|
# fcntl.lockf(self.process_lockfile, action)
|
|
|
|
|
# fcntl.lockf(self.output_lockfile, action)
|
|
|
|
|
# lock around the initial SSH connectivity so the user prompt about
|
|
|
|
|
# whether to add the host to known hosts is not intermingled with
|
|
|
|
|
# multiprocess output.
|
|
|
|
|
#
|
|
|
|
|
# This is a noop for now, pending further investigation. The lock file
|
|
|
|
|
# should be opened in TaskQueueManager and passed down through the
|
|
|
|
|
# PlayContext.
|
|
|
|
|
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
def exec_command(self, *args, **kwargs):
|
|
|
|
|
"""
|
|
|
|
|
|
James Cammarata
9 years ago