SSHbase: Generate known_hosts file in consistent order (Patch from Lee Loucks)

From Ticket #869: Because the order of a python set is dependent on the order of the hash of entries of that set, the get_skn method generates a entries in the ssh_known_hosts with the names ordered according to their has instead of a consistent (from the user point of view) order. Some entries are IP, hostname and other entries are hostname, IP. This patch corrects that. Signed-off-by: Sol Jerome <solj@ices.utexas.edu> git-svn-id: https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2@5793 ce84e21b-d406-0410-9b95-82705330c041
author: Sol Jerome <solj@ices.utexas.edu> 2010-03-25 21:10:13 +0000
committer: Sol Jerome <solj@ices.utexas.edu> 2010-03-25 17:19:44 -0500
commit: f7cdad6b141b86eeb6e52c0ba590f475d166aa65 (patch)
tree: b22fd3a8538e4db0da2bdb27068963c8f519e90c /src
parent: 5d3338b5da94a1e884ca5328bfa3df8cc2107e3b (diff)
download: bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.tar.gz
bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.tar.bz2
bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.zip
1 files changed, 32 insertions, 31 deletions
diff --git a/src/lib/Server/Plugins/SSHbase.py b/src/lib/Server/Plugins/SSHbase.py
index d66a458ca..4e26001c1 100644
--- a/src/lib/Server/Plugins/SSHbase.py
+++ b/src/lib/Server/Plugins/SSHbase.py
@@ -64,7 +64,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
                          '/etc/ssh/ssh_host_key': self.build_hk,
                          '/etc/ssh/ssh_host_key.pub': self.build_hk}}
         self.ipcache = {}
-	self.namecache = {}
+        self.namecache = {}
         self.__skn = False
 
     def get_skn(self):
@@ -82,7 +82,7 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
                 names[cmeta.hostname] = set([cmeta.hostname])
                 names[cmeta.hostname].update(cmeta.aliases)
                 newnames = set()
-		newips = set()
+                newips = set()
                 for name in names[cmeta.hostname]:
                     newnames.add(name.split('.')[0])
                     try:
@@ -91,14 +91,15 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
                         continue
                 names[cmeta.hostname].update(newnames)
                 names[cmeta.hostname].update(cmeta.addresses)
-		names[cmeta.hostname].update(newips)
-		# TODO: Only perform reverse lookups on IPs if an option is set.
-		if True:
-		    for ip in newips:
-			try:
-			    names[cmeta.hostname].update(self.get_namecache_entry(ip))
-			except:
-			    continue
+                names[cmeta.hostname].update(newips)
+                # TODO: Only perform reverse lookups on IPs if an option is set.
+                if True:
+                    for ip in newips:
+                        try:
+                            names[cmeta.hostname].update(self.get_namecache_entry(ip))
+                        except:
+                            continue
+                names[cmeta.hostname] = sorted(names[cmeta.hostname])
             # now we have our name cache
             pubkeys = [pubk for pubk in self.entries.keys() \
                        if pubk.find('.pub.H_') != -1]
@@ -170,27 +171,27 @@ class SSHbase(Bcfg2.Server.Plugin.Plugin,
                 raise socket.gaierror
 
     def get_namecache_entry(self, cip):
-	'''build a cache of name lookups from client IP addresses'''
-	if cip in self.namecache:
-	    # lookup cached name from IP
-	    if self.namecache[cip]:
-		return self.namecache[cip]
-	    else:
-		raise socket.gaierror
-	else:
-	    # add an entry that has not been cached
-	    try:
-		rvlookup = socket.gethostbyaddr(cip)
-		if rvlookup[0]:
-		    self.namecache[cip] = [rvlookup[0]]
-		else:
-		    self.namecache[cip] = []
-		self.namecache[cip].extend(rvlookup[1])
-		return self.namecache[cip]
-	    except socket.gaierror:
-		self.namecache[cip] = False
-		self.logger.error("Failed to find any names associated with IP address %s" % cip)
-		raise
+        '''build a cache of name lookups from client IP addresses'''
+        if cip in self.namecache:
+            # lookup cached name from IP
+            if self.namecache[cip]:
+                return self.namecache[cip]
+            else:
+                raise socket.gaierror
+        else:
+            # add an entry that has not been cached
+            try:
+                rvlookup = socket.gethostbyaddr(cip)
+                if rvlookup[0]:
+                    self.namecache[cip] = [rvlookup[0]]
+                else:
+                    self.namecache[cip] = []
+                self.namecache[cip].extend(rvlookup[1])
+                return self.namecache[cip]
+            except socket.gaierror:
+                self.namecache[cip] = False
+                self.logger.error("Failed to find any names associated with IP address %s" % cip)
+                raise
 
     def build_skn(self, entry, metadata):
         '''This function builds builds a host specific known_hosts file'''
author	Sol Jerome <solj@ices.utexas.edu>	2010-03-25 21:10:13 +0000
committer	Sol Jerome <solj@ices.utexas.edu>	2010-03-25 17:19:44 -0500
commit	f7cdad6b141b86eeb6e52c0ba590f475d166aa65 (patch)
tree	b22fd3a8538e4db0da2bdb27068963c8f519e90c /src
parent	5d3338b5da94a1e884ca5328bfa3df8cc2107e3b (diff)
download	bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.tar.gz bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.tar.bz2 bcfg2-f7cdad6b141b86eeb6e52c0ba590f475d166aa65.zip