From c0f1fcc0c88fa1f27ad8eb95b5ea368c3722507f Mon Sep 17 00:00:00 2001
From: Bryan McLellan
Date: Thu, 6 Dec 2012 09:39:10 -0800
Subject: OHAI-402: Use a single ssh_host_key plugin for all platforms
- Add support to read sshd_config for HostKey location
- Otherwise look in the reasonable places
---
lib/ohai/plugins/aix/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/darwin/ssh_host_key.rb | 25 ----------
lib/ohai/plugins/freebsd/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/hpux/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/linux/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/netbsd/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/openbsd/ssh_host_key.rb | 26 -----------
lib/ohai/plugins/solaris2/ssh_host_key.rb | 31 -------------
lib/ohai/plugins/ssh_host_key.rb | 63 +++++++++++++++++++++++++
spec/ohai/plugins/ssh_host_keys_spec.rb | 77 +++++++++++++++++++++++++++++++
10 files changed, 140 insertions(+), 212 deletions(-)
delete mode 100644 lib/ohai/plugins/aix/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/darwin/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/freebsd/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/hpux/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/linux/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/netbsd/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/openbsd/ssh_host_key.rb
delete mode 100644 lib/ohai/plugins/solaris2/ssh_host_key.rb
create mode 100644 lib/ohai/plugins/ssh_host_key.rb
create mode 100644 spec/ohai/plugins/ssh_host_keys_spec.rb
diff --git a/lib/ohai/plugins/aix/ssh_host_key.rb b/lib/ohai/plugins/aix/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/aix/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/darwin/ssh_host_key.rb b/lib/ohai/plugins/darwin/ssh_host_key.rb
deleted file mode 100644
index a9eb9458..00000000
--- a/lib/ohai/plugins/darwin/ssh_host_key.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh_host_rsa_key.pub").split[1]
\ No newline at end of file
diff --git a/lib/ohai/plugins/freebsd/ssh_host_key.rb b/lib/ohai/plugins/freebsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/freebsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/hpux/ssh_host_key.rb b/lib/ohai/plugins/hpux/ssh_host_key.rb
deleted file mode 100644
index 0eaa92d8..00000000
--- a/lib/ohai/plugins/hpux/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/opt/ssh/etc/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/opt/ssh/etc/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/linux/ssh_host_key.rb b/lib/ohai/plugins/linux/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/linux/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/netbsd/ssh_host_key.rb b/lib/ohai/plugins/netbsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/netbsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/openbsd/ssh_host_key.rb b/lib/ohai/plugins/openbsd/ssh_host_key.rb
deleted file mode 100644
index f1347828..00000000
--- a/lib/ohai/plugins/openbsd/ssh_host_key.rb
+++ /dev/null
@@ -1,26 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
-keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
diff --git a/lib/ohai/plugins/solaris2/ssh_host_key.rb b/lib/ohai/plugins/solaris2/ssh_host_key.rb
deleted file mode 100644
index eae1dd9e..00000000
--- a/lib/ohai/plugins/solaris2/ssh_host_key.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-#
-# Author:: Adam Jacob ()
-# Copyright:: Copyright (c) 2008 Opscode, Inc.
-# License:: Apache License, Version 2.0
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-provides "keys/ssh"
-
-require_plugin "keys"
-
-keys[:ssh] = Mash.new
-
-if File.exists?("/etc/ssh/ssh_host_dsa_key.pub")
- keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
- keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
-else
- keys[:ssh][:host_dsa_public] = IO.read("/var/ssh/ssh_host_dsa_key.pub").split[1]
- keys[:ssh][:host_rsa_public] = IO.read("/var/ssh/ssh_host_rsa_key.pub").split[1]
-end
diff --git a/lib/ohai/plugins/ssh_host_key.rb b/lib/ohai/plugins/ssh_host_key.rb
new file mode 100644
index 00000000..f1624a89
--- /dev/null
+++ b/lib/ohai/plugins/ssh_host_key.rb
@@ -0,0 +1,63 @@
+#
+# Author:: Bryan McLellan
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+provides "keys/ssh"
+require_plugin "keys"
+
+keys[:ssh] = Mash.new
+
+def is_dsa_or_rsa?(file)
+ case IO.read(file).split[0]
+ when "ssh-dss"
+ "dsa"
+ when "ssh-rsa"
+ "rsa"
+ else
+ nil
+ end
+end
+
+sshd_config = if File.exists?("/etc/ssh/sshd_config")
+ "/etc/ssh/sshd_config"
+ elsif File.exists?("/etc/sshd_config")
+ # Darwin
+ "/etc/sshd_config"
+ else
+ Ohai::Log.debug("Failed to find sshd configuration file")
+ nil
+ end
+
+if sshd_config
+ File.open(sshd_config) do |conf|
+ conf.each_line do |line|
+ if line.match(/^hostkey\s/i)
+ pub_file = "#{line.split[1]}.pub"
+ key_type = is_dsa_or_rsa?(pub_file)
+ keys[:ssh]["host_#{key_type}_public"] = IO.read(pub_file).split[1] unless key_type.nil?
+ end
+ end
+ end
+else
+ if keys[:ssh][:host_dsa_public].nil? && File.exists?("/etc/ssh/ssh_host_dsa_key.pub")
+ keys[:ssh][:host_dsa_public] = IO.read("/etc/ssh/ssh_host_dsa_key.pub").split[1]
+ end
+
+ if keys[:ssh][:host_rsa_public].nil? && File.exists?("/etc/ssh/ssh_host_rsa_key.pub")
+ keys[:ssh][:host_rsa_public] = IO.read("/etc/ssh/ssh_host_rsa_key.pub").split[1]
+ end
+end
diff --git a/spec/ohai/plugins/ssh_host_keys_spec.rb b/spec/ohai/plugins/ssh_host_keys_spec.rb
new file mode 100644
index 00000000..c102dd24
--- /dev/null
+++ b/spec/ohai/plugins/ssh_host_keys_spec.rb
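Review bot: In lib/ohai/plugins/ssh_host_key.rb the default-path reads sit in the `else` of `if sshd_config`, so a host whose sshd_config exists but has no active HostKey line (relying on sshd's built-in defaults) ends up with an empty `keys[:ssh]`. The `.nil?` guards on those reads suggest they were meant to run after the config pass; replacing that `else` with `end` and dropping the final `end` would do it. The fallback also checks only /etc/ssh, while the deleted plugins read /etc (darwin), /opt/ssh/etc (hpux) and /var/ssh (solaris2), so those platforms appear to lose their keys unless HostKey is set explicitly. Inside the loop, `is_dsa_or_rsa?(pub_file)` calls `IO.read` with no existence check, so a HostKey entry without a matching .pub file raises and aborts collection; `next unless File.exists?(pub_file)` ahead of it keeps the plugin best-effort. Anything downstream that compares or pins host keys from these attributes would then see silently missing data, so a debug log on the skipped file is worth adding.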
@@ -0,0 +1,77 @@
+#
+# Author:: Bryan McLellan
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require File.expand_path(File.join(File.dirname(__FILE__), '..', '..', '/spec_helper.rb'))
+
+describe Ohai::System, "ssh_host_key plugin" do
+
+ before(:each) do
+ @ohai = Ohai::System.new
+ @ohai[:keys] = Mash.new
+ @ohai.stub(:require_plugin).and_return(true)
+
+ # Avoid using the real from_file to load the plugin => less stubbing required
+ @ohai.extend(SimpleFromFile)
+
+ File.stub(:exists?).with("/etc/ssh/sshd_config").and_return(true)
+ sshd_config_file =<