authorBryan McLellan <btm@opscode.com>2012-12-06 09:39:10 -0800
committerBryan McLellan <btm@opscode.com>2012-12-06 09:44:58 -0800
commitc0f1fcc0c88fa1f27ad8eb95b5ea368c3722507f (patch)
tree2ae93381eb96eab958c5eb8c85b2bb12a8298365
parentd3b126b1f0237cc092f686a622013c87a2a21ddf (diff)
OHAI-402: Use a single ssh_host_key plugin for all platformsbtm/OHAI-402
- Add support to read sshd_config for HostKey location - Otherwise look in the reasonable places
-rw-r--r--lib/ohai/plugins/aix/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/darwin/ssh_host_key.rb25
-rw-r--r--lib/ohai/plugins/freebsd/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/hpux/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/linux/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/netbsd/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/openbsd/ssh_host_key.rb26
-rw-r--r--lib/ohai/plugins/solaris2/ssh_host_key.rb31
-rw-r--r--lib/ohai/plugins/ssh_host_key.rb63
-rw-r--r--spec/ohai/plugins/ssh_host_keys_spec.rb77
10 files changed, 140 insertions, 212 deletions
diff --git a/lib/ohai/plugins/aix/ssh_host_key.rb b/lib/ohai/plugins/aix/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/aix/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/darwin/ssh_host_key.rb b/lib/ohai/plugins/darwin/ssh_host_key.rb
deleted file mode 100644
index a9eb9458..00000000
--- a/lib/ohai/plugins/darwin/ssh_host_key.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh_host_rsa_key.pub").split[1] \ No newline at end of file
diff --git a/lib/ohai/plugins/freebsd/ssh_host_key.rb b/lib/ohai/plugins/freebsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/freebsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/hpux/ssh_host_key.rb b/lib/ohai/plugins/hpux/ssh_host_key.rb
deleted file mode 100644
index 0eaa92d8..00000000
--- a/lib/ohai/plugins/hpux/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/opt/ssh/etc/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/opt/ssh/etc/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/linux/ssh_host_key.rb b/lib/ohai/plugins/linux/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/linux/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/netbsd/ssh_host_key.rb b/lib/ohai/plugins/netbsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/netbsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/openbsd/ssh_host_key.rb b/lib/ohai/plugins/openbsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/openbsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/solaris2/ssh_host_key.rb b/lib/ohai/plugins/solaris2/ssh_host_key.rb
deleted file mode 100644
index eae1dd9e..00000000
--- a/lib/ohai/plugins/solaris2/ssh_host_key.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Author:: Adam Jacob (<adam@opscode.com>)
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-if File.exists?("/etc/ssh/ssh_host_dsa_key.pub")
- keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
- keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
-else
- keys[:ssh][:host_dsa_public] = IO.read("/var/ssh/ssh_host_dsa_key.pub").split[1]
- keys[:ssh][:host_rsa_public] = IO.read("/var/ssh/ssh_host_rsa_key.pub").split[1]
-end
diff --git a/lib/ohai/plugins/ssh_host_key.rb b/lib/ohai/plugins/ssh_host_key.rb
new file mode 100644
index 00000000..f1624a89
--- /dev/null
+++ b/lib/ohai/plugins/ssh_host_key.rb
@@ -0,0 +1,63 @@
+#
+# Author:: Bryan McLellan <btm@opscode.com>
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+provides "keys/ssh"
+require_plugin "keys"
+
+keys[:ssh] = Mash.new
+
+def is_dsa_or_rsa?(file)
+ case IO.read(file).split[0]
+ when "ssh-dss"
+ "dsa"
+ when "ssh-rsa"
+ "rsa"
+ else
+ nil
+ end
+end
+
+sshd_config = if File.exists?("/etc/ssh/sshd_config")
+ "/etc/ssh/sshd_config"
+ elsif File.exists?("/etc/sshd_config")
+ # Darwin
+ "/etc/sshd_config"
+ else
+ Ohai::Log.debug("Failed to find sshd configuration file")
+ nil
+ end
+
+if sshd_config
+ File.open(sshd_config) do |conf|
+ conf.each_line do |line|
+ if line.match(/^hostkey\s/i)
+ pub_file = "#{line.split[1]}.pub"
+ key_type = is_dsa_or_rsa?(pub_file)
+ keys[:ssh]["host_#{key_type}_public"] = IO.read(pub_file).split[1] unless key_type.nil?
+ end
+ end
+ end
+else
+ if keys[:ssh][:host_dsa_public].nil? && File.exists?("/etc/ssh/ssh_host_dsa_key.pub")
+ keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
+ end
+
+ if keys[:ssh][:host_rsa_public].nil? && File.exists?("/etc/ssh/ssh_host_rsa_key.pub")
+ keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
+ end
+end
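Review bot: The default-location fallback sits in the `else` of `if sshd_config`, so a host whose sshd_config exists but has every `HostKey` line commented out or absent ends up with an empty `keys[:ssh]`; the `.nil?` guards on those two reads suggest they were meant to run after the config parse. Closing the config block before the fallback (`end` in place of `else`, and dropping the final `end`) would let them run unconditionally. In the config branch `IO.read(pub_file)` is called with no existence check and no rescue in this file, so a `HostKey` whose `.pub` file is missing raises Errno::ENOENT; `next unless File.exists?(pub_file)` ahead of the `is_dsa_or_rsa?` call would skip it. The fallback also no longer covers `/etc/ssh_host_*_key.pub`, `/opt/ssh/etc/` and `/var/ssh/`, which the removed darwin, hpux and solaris2 plugins read. Anything that builds known_hosts data from these attributes would presumably see such hosts silently lose their keys, so the gap is worth closing before the per-platform plugins go away.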
diff --git a/spec/ohai/plugins/ssh_host_keys_spec.rb b/spec/ohai/plugins/ssh_host_keys_spec.rb
new file mode 100644
index 00000000..c102dd24
--- /dev/null
+++ b/spec/ohai/plugins/ssh_host_keys_spec.rb
@@ -0,0 +1,77 @@
+#
+# Author:: Bryan McLellan <btm@opscode.com>
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', '..', '/spec_helper.rb'))
+
+describe Ohai::System, "ssh_host_key plugin" do
+
+ before(:each) do
+ @ohai = Ohai::System.new
+ @ohai[:keys] = Mash.new
+ @ohai.stub(:require_plugin).and_return(true)
+
+ # Avoid using the real from_file to load the plugin => less stubbing required
+ @ohai.extend(SimpleFromFile)
+
+ File.stub(:exists?).with("/etc/ssh/sshd_config").and_return(true)
+ sshd_config_file =<<EOS
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+EOS
+ File.stub(:open).with("/etc/ssh/sshd_config").and_yield(sshd_config_file)
+ File.stub(:exists?).and_return(true)
+ File.stub(:exists?).with("/etc/ssh/ssh_host_dsa_key.pub").and_return(true)
+ File.stub(:exists?).with("/etc/ssh/ssh_host_rsa_key.pub").and_return(true)
+
+ # Ensure we can still use IO.read
+ io_read = IO.method(:read)
+ IO.stub(:read) { |file| io_read.call(file) }
+
+ # Return fake public key files so we don't have to go digging for them in unit tests
+ @dsa_key = "ssh-dss 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 oppa"
+ @rsa_key = "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAuhcVXV+nNapkyUC5p4TH1ymRxUjtMBKqYWmwyI29gVFnUNeHkKFHWon0KFeGJP2Rm8BfTiZa9ER9e8pRr4Nd+z1C1o0kVoxEEfB9tpSdTlpk1GG83D94l57fij8THRVIwuCEosViUlg1gDgC4SpxbqfdBkUN2qyf6JDOh7t2QpYh7berpDEWeBpb7BKdLEDT57uw7ijKzSNyaXqq8KkB9I+UFrRwpuos4W7ilX+PQ+mWLi2ZZJfTYZMxxVS+qJwiDtNxGCRwTOQZG03kI7eLBZG+igupr0uD4o6qeftPOr0kxgjoPU4nEKvYiGq8Rqd2vYrhiaJHLk9QB6xStQvS3Q== oppa"
+ IO.stub(:read).with("/etc/ssh/ssh_host_dsa_key.pub").and_return(@dsa_key)
+ IO.stub(:read).with("/etc/ssh/ssh_host_rsa_key.pub").and_return(@rsa_key)
+ end
+
+ shared_examples "loads keys" do
+ it "reads the key and sets the dsa attribute correctly" do
+ @ohai._require_plugin("ssh_host_key")
+ @ohai[:keys][:ssh][:host_dsa_public].should eql(@dsa_key.split[1])
+ end
+
+ it "reads the key and sets the rsa attribute correctly" do
+ @ohai._require_plugin("ssh_host_key")
+ @ohai[:keys][:ssh][:host_rsa_public].should eql(@rsa_key.split[1])
+ end
+ end
+
+ context "when an sshd_config exists" do
+ it_behaves_like "loads keys"
+ end
+
+ context "when an sshd_config can not be found" do
+ before do
+ File.stub(:exists?).with("/etc/ssh/sshd_config").and_return(false)
+ File.stub(:exists?).with("/etc/sshd_config").and_return(false)
+ end
+
+ it_behaves_like "loads keys"
+ end
+end
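Review bot: Neither context covers an sshd_config that exists but has no active `HostKey` line, which is the case where the plugin's `else`-only fallback leaves `keys[:ssh]` empty; the two contexts either supply both HostKey lines or remove the config entirely. A third context that yields a config with the `HostKey` lines commented out and reuses the "loads keys" examples would pin that behaviour, and it would fail against the plugin as committed. A case for a `HostKey` whose `.pub` file is missing, or whose type is neither `ssh-dss` nor `ssh-rsa`, is also absent.

```ruby
# … unchanged: "when an sshd_config exists" and "can not be found" contexts …
context "when sshd_config has no active HostKey lines" do
  before do
    commented_config = "#HostKey /etc/ssh/ssh_host_rsa_key\n#HostKey /etc/ssh/ssh_host_dsa_key\n"
    File.stub(:open).with("/etc/ssh/sshd_config").and_yield(commented_config)
  end

  it_behaves_like "loads keys"
end
```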