%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python2.7/site-packages/salt/
Upload File :
Create Path :
Current File : //lib/python2.7/site-packages/salt/key.pyc

�
���^c@@sdZddlmZmZmZddlZddlZddlZddlZddl	Z	ddl
Z
ddlZddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlZ
ddlmZddl m!Z!m"Z"yddl#Z#Wne$k
r�nXej%e&�Z'd�Z(de)fd��YZ*d	e*fd
��YZ+de)fd��YZ,d
e,fd��YZ-dS(u�
The Salt Key backend API and interface used by the CLI. The Key class can be
used to manage salt keys directly without interfacing with the CLI.
i(tabsolute_importtprint_functiontunicode_literalsN(tsix(tinputtzip_longestcC@s(|ddkrt|�St|�SdS(Nu	transportuzeromqutcp(uzeromqutcp(tKeytRaetKey(topts((s,/usr/lib/python2.7/site-packages/salt/key.pytget_key2s
tKeyCLIcB@s~eZdZidd6dd6dd6dd6Zd	�Zd
�Zd�Zdd�Zdd
�Z	d�Z
d�Zd�ZRS(u#
    Manage key CLI operations
    ulist_statusulistu
delete_keyudeleteugen_keys_signatureu
gen_signatureukey_struprintcC@sw||_tjj|�|_|jddkr=t|_n	t|_|jd�sj|j|�|_nd|_
dS(Nu	transportuzeromqutcpueauth(uzeromqutcp(RtsalttwheeltWheelClienttclientRtkeyRtgettNonetauth(tselfR((s,/usr/lib/python2.7/site-packages/salt/key.pyt__init__Cs		cC@sWxdD]}|j|rPqqW|jd�s|dkrMd|jd<n3|jd�rld|jd<n|j||jd<|jd�r�|jdp�|jd|jd<t|jd<q:|jd	�r:|jdp�|jd|jd<t|jd<q:n7|dkr:|jd|jd<|jd|jd<n|jdd�|jd<dS(Nugen_keysu
gen_signatureulistulist_alluprintu	print_alluacceptu
accept_allurejectu
reject_alludeleteu
delete_allufingeru
finger_allugen_uallumatchu_allu*uinclude_alluinclude_rejecteduinclude_acceptedugen_keys_dirukeydirukeynameuufun(ugen_keysu
gen_signatureulistulist_alluprintu	print_alluacceptu
accept_allurejectu
reject_alludeleteu
delete_allufingeru
finger_allulist_all(Rt
startswithtendswithtFalsetreplace(Rtcmd((s,/usr/lib/python2.7/site-packages/salt/key.pyt_update_optsOsB

!!cC@s�|jr
dSi}|jddk}|jdr�d|jkr�yZtjjjtjj|jdd�d��&}tjj	j
|j��|d<WdQXWq�tk
r�|jd|d<q�Xnd|kr�d|kr�|jdr�tjj
|j�}|j|jd�}|jdrb|rb|j|jd|�}|rb|jdd�|d<qbn|sytjd	�iS|j|�|jd|d<q�n<tjjj�|d
<tjjj|d
|j|�|d<||_dS(Nueauthuutokenucachediru	.root_keyurukeyumktokenuAuthentication faileduuser(RRRtutilstfilestfopentostpathtjointstringutilst
to_unicodetreadlinetIOErrortResolvertclit	token_cliRtlogterrortupdatetusertget_specific_usertmastertget_master_key(Rtlowtskip_perm_errorstfp_tresolvertresttok((s,/usr/lib/python2.7/site-packages/salt/key.pyt
_init_authvs8	
1)
%
	

&cC@s�tjjj|�}|dkr�g}|jr�xTtt|j�t|jpQd��D](\}}|j|j	j
||��qXWn|ddd�}n|jdkr�i}ntjj
||�\}}||fS(Ni����((RRtargstget_function_argspecRRtreversedtdefaultstappendRRtkeywordstminiontload_args_and_kwargs(RtfunR6targspectargtdefaulttkwargs((s,/usr/lib/python2.7/site-packages/salt/key.pyt_get_args_kwargs�s	"#		cC@sh|jjd�s�|jj||�}t|j|�}|j||�\}}|||�}t|t�r�d|kr�|dkr�|jdd�n|Sdj
|�}|jj|}|j||�\}}i|d6|d6|d6}|j
�|j|j�|jj|�}|d	d
}t|t�rdd|krd|dkrd|jdd�n|S(
Nueauthulocalufingeru
finger_allukey.{0}ufunuargukwargudataureturn(ufingeru
finger_all(ufingeru
finger_all(RRtCLI_KEY_MAPtgetattrRRCt
isinstancetdicttpopRtformatRt	functionsR5R*Rtcmd_sync(RRR6R>RBtrettfstrR/((s,/usr/lib/python2.7/site-packages/salt/key.pyt_run_cmd�s0

cC@s|jd�r|Si}|jj|krH||jj||jj<n|jdr�t|j|jj��r�||jj||jj<n|jdr�t|j|jj��r�||jj||jj<n|jdrt|j|jj��r||jj||jj<n|S(Nudeleteuinclude_accepteduinclude_rejecteduinclude_denied(	RRtPENDRtboolRtACCtREJtDEN(RRRLtkeys((s,/usr/lib/python2.7/site-packages/salt/key.pyt_filter_ret�s(((cC@s�dg}|jdr&|jd�n|jdrC|jd�n|jdr`|jd�nt|�dkr|d	}n#d
jdj|d �|d�}d
j||�}t|�dS(Nu
unaccepteduinclude_accepteduaccepteduinclude_rejectedurejecteduinclude_deniedudeniediiu
{0} or {1}u, i����u/The key glob '{0}' does not match any {1} keys.(RR:tlenRIR tprint(RRtmatchtstatuseststat_strtmsg((s,/usr/lib/python2.7/site-packages/salt/key.pyt_print_no_match�s	



#cC@s�|j�|jd}d	}d	}yU|dkr�|jd�}t|t�sptjj|dd|j�|S|j	||�}|s�|j
||jd�d	Std
j|j
d���tjj|dd|j�|jjdt�s_yL|jd�r td
�}|s;d}q;ntd�}|s;d}nWq_tk
r[td��q_Xn||jd<|jjdd	�|}n|d	ks�|j�jd�rw|j|�}|dkr#|dkr�|}nx�|j�D]6}x-|D]%}tdj||j
d���q�Wq�Wqwt|t�rQtjj|dd|j�qwtjji|d6dd|j�nWnYtjjk
r�}dj|�}|jjdt�s�tjj|d|j�q�nX|S(u+
        Run the logic for saltkey
        ufunuaccepturejectudeleteu
name_matchukeyRumatchNu)The following keys are going to be {0}ed:ueuyesuProceed? [N/y] unuProceed? [n/Y] uyu
Exiting on CTRL-cu
match_dictuKey for minion {0} {1}ed.ureturnu{0}uquietunested(uaccepturejectudelete(uaccepturejectudelete(RRRRNRFRGRtoutputtdisplay_outputRUR\RWRItrstripRRRRtKeyboardInterruptt
SystemExitRHtlowertvaluest
exceptionst
SaltException(RRtveriRLtlist_rettminionsR<texc((s,/usr/lib/python2.7/site-packages/salt/key.pytrun�s^




	!	
* N(
t__name__t
__module__t__doc__RDRRR5RRCRNRUR\Rj(((s,/usr/lib/python2.7/site-packages/salt/key.pyR
9s

		'	("		tMultiKeyCLIcB@s�eZdZd�Zd�Zd�Zd�Zeed�Zeed�Z	d�Z
d�Zeed	�Zeed
�Z
d�Zd�Zd
�Zd�Zd�ZRS(u3
    Manage multiple key backends from the CLI
    cC@s�t|d<tt|�j|�t|d�tj|�}tj|�}i|_d|d<t|�|jd<d|d<t|�|jd<dS(Nu__multi_keyukeyuzeromqu	transportuZMQ Keysuraetu	RAET Keys(tTruetsuperRnRtdelattrtcopyRTR
(RRtzoptstropts((s,/usr/lib/python2.7/site-packages/salt/key.pyR2s

	

cG@s<x5|jD]*}t|�t|j||�|�q
WdS(u=
        Call the given function on all backend keys
        N(RTRWRE(RR>R6tkback((s,/usr/lib/python2.7/site-packages/salt/key.pyt	_call_all?s
cC@s|jd|�dS(Nulist_status(Rv(Rtstatus((s,/usr/lib/python2.7/site-packages/salt/key.pytlist_statusGscC@s|jd�dS(Nulist_all(Rv(R((s,/usr/lib/python2.7/site-packages/salt/key.pytlist_allJscC@s|jd|||�dS(Nuaccept(Rv(RRXtinclude_rejectedtinclude_denied((s,/usr/lib/python2.7/site-packages/salt/key.pytacceptMscC@s|jd||�dS(Nu
accept_all(Rv(RRzR{((s,/usr/lib/python2.7/site-packages/salt/key.pyt
accept_allPscC@s|jd|�dS(Nudelete(Rv(RRX((s,/usr/lib/python2.7/site-packages/salt/key.pytdeleteSscC@s|jd�dS(Nu
delete_all(Rv(R((s,/usr/lib/python2.7/site-packages/salt/key.pyt
delete_allVscC@s|jd|||�dS(Nureject(Rv(RRXtinclude_acceptedR{((s,/usr/lib/python2.7/site-packages/salt/key.pytrejectYscC@s|jd||�dS(Nu
reject_all(Rv(RR�R{((s,/usr/lib/python2.7/site-packages/salt/key.pyt
reject_all\scC@s|jd|�dS(Nu	print_key(Rv(RRX((s,/usr/lib/python2.7/site-packages/salt/key.pyt	print_key_scC@s|jd�dS(Nu	print_all(Rv(R((s,/usr/lib/python2.7/site-packages/salt/key.pyt	print_allbscC@s|jd||�dS(Nufinger(Rv(RRXt	hash_type((s,/usr/lib/python2.7/site-packages/salt/key.pytfingerescC@s|jd|�dS(Nu
finger_all(Rv(RR�((s,/usr/lib/python2.7/site-packages/salt/key.pyt
finger_allhscC@s|jd�dS(Nuprep_signature(Rv(R((s,/usr/lib/python2.7/site-packages/salt/key.pytprep_signatureks(RkRlRmRRvRxRyRR|R}R~RR�R�R�R�R�R�R�(((s,/usr/lib/python2.7/site-packages/salt/key.pyRn.s 	
									RcB@sLeZdZdZdZdZdZdd�Zd�Z	d�Z
ddddd�Zd	�Ze
dd
�Zdd�Zd�Ze
d
�Zd�Zd�Zd�Zd�Zd�Zd�Zd�Zdde
e
d�Zd�Zddde
d�Zd�Zd�Zdde
e
d�Zd�Zdd�Z dd�Z!RS(u6
    The object that encapsulates saltkey actions
    uminionsuminions_preuminions_rejecteduminions_deniedc
C@s�||_|jjdd�}|tjjjkr^dj|�}tj|�t	|��ntjj
j||d|dd|dtd|�|_
tjj
j|jjd	�|j�|_dS(
Nu__roleuu!Invalid application kind = '{0}'.usock_diru	transportRtlistentio_loopusigning_key_pass(RRRRtkindst
APPL_KINDSRIR(R)t
ValueErrorteventt	get_eventRtsdbtsdb_gett
passphrase(RRR�tkindtemsg((s,/usr/lib/python2.7/site-packages/salt/key.pyRxs	

cC@s�tjj|jd|j�}tjj|jd|j�}tjj|jd|j�}tjj|jd|j�}||||fS(u8
        Return the minion keys directory paths
        upki_dir(RRR RRQRORRRS(Rtminions_acceptedtminions_pretminions_rejectedtminions_denied((s,/usr/lib/python2.7/site-packages/salt/key.pyt_check_minions_directories�scC@s�|s5d|jkr%|jd}q5|jd}n|scd|jkrZ|jd}qcd}n|sy|jd}n||||fS(Nugen_keys_dirupki_dirugen_keysuminionukeysize(R(RtkeydirtkeynametkeysizeR+((s,/usr/lib/python2.7/site-packages/salt/key.pyt_get_key_attrs�s	cC@si|j||||�\}}}}tjj|||||j�tjjjtjj	||d��S(u4
        Generate minion RSA public keypair
        u.pub(
R�Rtcrypttgen_keysR�Rt
pem_fingerRRR (RR�R�R�R+((s,/usr/lib/python2.7/site-packages/salt/key.pyR��scC@stjj||||j�S(u6
        Generate master public-key-signature
        (RR�t
gen_signatureR�(Rtprivkeytpubkeytsig_path((s,/usr/lib/python2.7/site-packages/salt/key.pyR��sc
C@s�|r(tjj|�sXdj|�Sn0|jddd}tjj|�rX|}n|r�tjj|�s�dj|�Sn0|jddd}tjj|�r�|}n|sM|rFtjd|jd|jd�tjj	|jd|jd|p
|jd	|jj
d
�|j�|jdd|jdd}qMdSn|sWd
Stjd|�tjd|�|r�tjj|�s�tjd|�q�n
|jd}|d|jd}t
|j�}	|	j|||�S(u6
        Generate master public-key-signature
        uPublic-key {0} does not existupki_diru/u
master.pubuPrivate-key {0} does not existumaster_sign.pemu+Generating new signing key-pair .%s.* in %sumaster_sign_key_nameukeysizeuuseru.pemuNo usable private-key founduNo usable public-key founduUsing public-key %suUsing private-key %su"target directory %s does not existumaster_pubkey_signature(RRtisfileRIRR(tdebugRR�R�RR�tisdirR	R�(
Rtprivtpubtsignature_pathtauto_createR�tmpubtmprivt	sign_pathtskey((s,/usr/lib/python2.7/site-packages/salt/key.pytgen_keys_signature�sF		

#
cC@s�|dkrg}n|j�}g}x*tj|�D]\}}|j|�q7W|jjdt�s�tj	j
|jd|j�}tj	j|�r$x�tj
|�D]s}||kr�||kr�y tjtj	j
||��Wqttfk
r}tjd||�q�qXq�q�Wntjj|j�}	|	j|j�}
|
r�xH|
D]=}||krX||krX|	jdj|j|��qXqXWq�ndS(u�
        Check the minion cache to make sure that old minion data is cleared

        Optionally, pass in a list of minions which should have their caches
        preserved. To preserve all caches, set __opts__['preserve_minion_cache']
        upreserve_minion_cacheucachediru2Key: Delete cache for %s got OSError/IOError: %s 
u{0}/{1}N(Rt	list_keysRt	iteritemstextendRRRRRR RQR�tlistdirtshutiltrmtreetOSErrorR$R(twarningRtcachetfactorytlisttflushRI(Rtpreserve_minionsRTRhRtvaltm_cacheR<texR�tclist((s,/usr/lib/python2.7/site-packages/salt/key.pytcheck_minion_cache�s0	 	
cC@s0tjjtjj|jdd��s,tStS(u~
        Log if the master is not running

        :rtype: bool
        :return: Whether or not the master is running
        usock_dirupublish_pull.ipc(RRtexistsR RRRo(R((s,/usr/lib/python2.7/site-packages/salt/key.pytcheck_masters		
c	C@s<|r|j�}n|j�}i}d|krWt|tj�rW|jd�}nx�tj|�D]�\}}x�tjj	j
|�D]�}t|t�r�x�|D]E}tj||�r�||kr�g||<n||j
|�q�q�Wq�tj||�r�||krg||<n||j
|�q�q�WqgW|S(uY
        Accept a glob which to match the of a key and return the key's location
        u,(tall_keysR�RFRtstring_typestsplitR�RRtdatatsorted_ignorecaseR�tfnmatchR:(	RRXtfulltmatchesRLRwRTRt
match_item((s,/usr/lib/python2.7/site-packages/salt/key.pyt
name_match"s&


cC@s�i}|j�}x�tj|�D]�\}}x�tjjj|�D]o}xf|j|j|j	|j
fD]F}|ritj|j
|g�|�ri|j|g�j|�qiqiWqDWq"W|S(uh
        Accept a dictionary of keys and return the current state of the
        specified keys
        (R�RR�RRR�R�RQRORRRSR�tfilterRt
setdefaultR:(Rt
match_dictRLtcur_keysRwRTRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyt
dict_match<s%$(cC@s�igd6}x�tjjjtj|jd��D]i}|jd�sW|jd�r3tjj	|jd|�}tjj
|�r�|dj|�q�q3q3W|S(u-
        Return a dict of local keys
        ulocalupki_diru.pubu.pem(RRR�R�RR�RRRR R�R:(RRLtfn_R((s,/usr/lib/python2.7/site-packages/salt/key.pyt
local_keysJs
,cC@sg}|j�}i}x�|D]�}|dkr7qng|tjj|�<y�x�tjjjtj	|��D]h}|j
d�sotjjtjj||��r�|tjj|�j
tjjj|��q�qoqoWWqttfk
r�qqXqW|S(uK
        Return a dict of managed keys and what the key status are
        u.N(R�RRRtbasenameRRR�R�R�RR�R R:R!R"R�R$(Rtkey_dirsRLtdir_R�((s,/usr/lib/python2.7/site-packages/salt/key.pyR�Vs 
%!$cC@s#|j�}|j|j��|S(u4
        Merge managed keys with local keys
        (R�R*R�(RRT((s,/usr/lib/python2.7/site-packages/salt/key.pyR�tscC@s�|j�\}}}}i}|jd�r�g|tjj|�<x�tjjjtj	|��D]Y}|jd�sbtjj
tjj||��r�|tjj|�j|�q�qbqbWn |jd�s�|jd�rug|tjj|�<x�tjjjtj	|��D]Y}|jd�stjj
tjj||��rn|tjj|�j|�qnqqWnm|jd�rg|tjj|�<xEtjjjtj	|��D]Y}|jd�s�tjj
tjj||��r|tjj|�j|�qq�q�Wn�|jd�r�|dk	r�g|tjj|�<x�tjjjtj	|��D]Y}|jd�sitjj
tjj||��r�|tjj|�j|�q�qiqiWn|jd�r�|j�S|S(	uD
        Return a dict of managed keys under a named status
        uaccu.upreuunurejudenuallN(R�RRRR�RRR�R�R�R�R R:RR�(RRXtacctpretrejtdenRLR�((s,/usr/lib/python2.7/site-packages/salt/key.pyRx|s:%!*%!*%!*%!*
c	C@s�i}x�tj|j|��D]�\}}i||<x�tjjj|�D]i}tjj	|j
d||�}tjjj|d��*}tjj
j|j��|||<WdQXqKWqW|S(uI
        Return the specified public key or keys based on a glob
        upki_dirurN(RR�R�RRR�R�RRR RRRR!R"tread(RRXRLRwRTRRR1((s,/usr/lib/python2.7/site-packages/salt/key.pytkey_str�s%
1c	C@s�i}x�tj|j��D]�\}}i||<x�tjjj|�D]i}tjj	|j
d||�}tjjj|d��*}tjj
j|j��|||<WdQXqHWqW|S(u0
        Return all managed key strings
        upki_dirurN(RR�R�RRR�R�RRR RRRR!R"R�(RRLRwRTRRR1((s,/usr/lib/python2.7/site-packages/salt/key.pytkey_str_all�s"
1c
	C@s}|dk	r|j|�}n*|dk	rBt|t�rB|}ni}|jg}|rm|j|j�n|r�|j|j�nx�|D]�}x�|j|g�D]�}y�t	j
tjj
|jd||�tjj
|jd|j|��itd6dd6|d6}	|jj|	tjjjdd��Wq�ttfk
rNq�Xq�Wq�W|dk	rp|j|�S|j|�S(	u�
        Accept public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".
        upki_diruresultuacceptuactuidtprefixukeyN(RR�RFRGROR:RRRSRR�tmoveRRR RRQRoR�t
fire_eventRRttagifyR$R�R�(
RRXR�RzR{R�tkeydirsR�Rteload((s,/usr/lib/python2.7/site-packages/salt/key.pyR|�s>	
	
	



cC@s�|j�}x�||jD]�}y�tjtjj|jd|j|�tjj|jd|j|��it	d6dd6|d6}|j
j|tj
j
jdd��Wqttfk
r�qXqW|j�S(u(
        Accept all keys in pre
        upki_diruresultuacceptuactuidR�ukey(R�ROR�R�RRR RRQRoR�R�RRR�R$R�(RRTRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyR}�s(	
	



c	C@s!|dk	r|j|�}n*|dk	rBt|t�rB|}ni}x9tj|�D](\}}x|D]}y�|r�|jjd�tkr�t	d�q�y,t
jjd|j�}	|	j
|d�Wq�t
jjk
r�t	dj|��q�Xntjtjj|jd||��itd6dd	6|d
6}
|jj|
t
jjjdd��Wqkttfk
r{qkXqkWqXW|jjd
�tkr�|jd|jdg��n
|j�|jjd�r�t
jj|jd|jd�n|dk	r|j|�S|j|�S(u�
        Delete public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".

        To preserve the master caches of minions who are matched, set preserve_minions
        urotate_aes_keyu�Immediate auth revocation specified but AES key rotation not allowed. Minion will not be disconnected until the master AES key is rotated.tmoptsusaltutil.revoke_authu�Cannot contact Salt master. Connection for {0} will remain up until master AES key is rotated or auth is revoked with 'saltutil.revoke_auth'.upki_diruresultudeleteuactuidR�ukeyupreserve_minionsR�uminionsucachediruuserN( RR�RFRGRR�RRRRWRRtget_local_clientt	cmd_asyncRdtSaltClientErrorRIRtremoveRR RoR�R�RR�R�R$R�R�tdropfileR�(RRXR�R�trevoke_authR�RwRTRRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyt
delete_key�s@	

	&


$cC@s�|j�}x�tj|j��D]�\}}x�||jD]�}yjtjtjj|jd||��it	d6dd6|d6}|j
j|tj
j
jdd��Wq<ttfk
r�q<Xq<Wq"W|j�|j�S(u(
        Delete all denied keys
        upki_diruresultudeleteuactuidR�ukey(R�RR�RSRR�RR RRoR�R�RRR�R�R$R�(RRTRwRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyt
delete_den1s"&


cC@sx�tj|j��D]�\}}x�|D]�}yjtjtjj|jd||��itd6dd6|d6}|j	j
|tjj	j
dd��Wq)ttfk
r�q)Xq)WqW|j�|jjd�r�tjj|jd	|jd
�n|j�S(u!
        Delete all keys
        upki_diruresultudeleteuactuidR�ukeyurotate_aes_keyucachediruuser(RR�R�RR�RR RRoR�R�RRR�R�R$R�RR�R�(RRwRTRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyRDs"
&


$c
	C@s�|dk	r|j|�}n*|dk	rBt|t�rB|}ni}|jg}|rm|j|j�n|r�|j|j�nx�|D]�}x�|j|g�D]�}y�t	j
tjj
|jd||�tjj
|jd|j|��itd6dd6|d6}	|jj|	tjjjdd��Wq�ttfk
rNq�Xq�Wq�W|j�|jjd�r�tjj|jd	|jd
�n|dk	r�|j|�S|j|�S(u�
        Reject public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".
        upki_diruresulturejectuactuidR�ukeyurotate_aes_keyucachediruuserN(RR�RFRGROR:RQRSRR�R�RRR RRRRoR�R�RRR�R$R�R�R�R�R�(
RRXR�R�R{R�R�R�RR�((s,/usr/lib/python2.7/site-packages/salt/key.pyR�XsD	
	
	




$cC@s|j�}x�||jD]�}y�tjtjj|jd|j|�tjj|jd|j|��it	d6dd6|d6}|j
j|tj
j
jdd��Wqttfk
r�qXqW|j�|jjd�r
tjj|jd	|jd
�n|j�S(u(
        Reject all keys in pre
        upki_diruresulturejectuactuidR�ukeyurotate_aes_keyucachediruuser(R�ROR�R�RRR RRRRoR�R�RRR�R$R�R�RR�R�(RRTRR�((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s.	
	




$c	C@s�|dkrtd}n|j|t�}i}x�tj|�D]�\}}i||<x{|D]s}|dkr�tjj|j	d|�}ntjj|j	d||�}t
jjj
|d|�|||<q^WqAW|S(u<
        Return the fingerprint for a specified key
        u	hash_typeulocalupki_dirtsum_typeN(Rt__opts__R�RoRR�RRR RRRR�R�(	RRXR�R�RLRwRTRR((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s


+cC@s�|dkrtd}ni}x�tj|j��D]�\}}i||<x{|D]s}|dkr�tjj|jd|�}ntjj|jd||�}t	j
jj|d|�|||<qRWq5W|S(u2
        Return fingerprints for all keys
        u	hash_typeulocalupki_dirR�N(
RR�RR�R�RRR RRRR�R�(RR�RLRwRTRR((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s
"

+N("RkRlRmRQRORRRSRRR�R�R�R�RR�R�R�R�R�R�R�R�RxR�R�R|R}R�R�RR�R�R�R�(((s,/usr/lib/python2.7/site-packages/salt/key.pyRosB	
				9 						"		)	0		,	RcB@sCeZdZdZdZdZdZd�Zd�Z	e
d�Zddddd�Zd�Z
d	�Zd
�Zd�Zd�Zd
�Zd�Zdde
e
d�Zd�Zddde
d�Zd�Zdde
e
d�Zd�Zdd�Zdd�Zd�Zed�Zd�Zd�Zd�Z d�Z!RS(u+
    Manage keys from the raet backend
    uacceptedupendingurejectedcC@sGtj||�tjjj|j�|_tjj	|j�|_
dS(N(RRRtdaemonst	masterapitAutoKeyRtauto_keytpayloadtSerialtserial(RR((s,/usr/lib/python2.7/site-packages/salt/key.pyR�scC@smtjj|jd|j�}tjj|jd|j�}tjj|jd|j�}|||dfS(u8
        Return the minion keys directory paths
        upki_dirN(RRR RRQRORRR(RtacceptedR�trejected((s,/usr/lib/python2.7/site-packages/salt/key.pyR��sc	C@s�|j�}g}x*tj|�D]\}}|j|�q"Wtjj|jdd�}|jjdt	�s�tjj
|�r�x�tj|�D]s}||kr�||kr�y tj
tjj||��Wqttfk
r}tjd||�q�qXq�q�Wtjj|j�}	|	j|j�}
|
r�xH|
D]=}||kr=||kr=|	jdj|j|��q=q=Wq�q�n|jjdd�}|tjjjkr�dj|�}tj|d	�t|��n|jjd
d�}
|
s!d}tj|d	�t|��ndj|
|�}tjj|jdd
|d�}tjj
|�r�x"tj|�D]}tjj|�\}}|dkr�qwn|jd�\}}}|sw|dkr�qwntjj||�}tjj j!|d��~}|dkr,tjj"j#|�}n|dkrJt$j#|�}ntjj%j&|d�}
|
|krtj'|�nWdQXqwWndS(uU
        Check the minion cache to make sure that old minion data is cleared
        ucachediruminionsupreserve_minion_cacheu6RaetKey: Delete cache for %s got OSError/IOError: %s 
u{0}/{1}u__roleuu!Invalid application kind = '{0}'.u
uiduInvalid id.u{0}_{1}uraeturemoteu.jsonu.msgpacku.uestateurburoleN(u.jsonu.msgpack((R�RR�R�RRR RRRR�R�R�R�R�R$R(R�RR�R�R�RQR�RIRR�R�R)R�tsplitextt	partitionRRtjsontloadtmsgpackR!R"R�(RR�RTRhRR�R�R<R�R�R�R�R�troletnamet
road_cachetroadtroottextR�tsepRR1R�((s,/usr/lib/python2.7/site-packages/salt/key.pyR��sl 	
,	c	C@sqddl}|jj�}|j||||�\}}}}djtjj||��}|j|d�dS(uG
        Use libnacl to generate and safely save a private key
        iNu{0}.keyumsgpack(	tlibnacl.dualtdualt
DualSecretR�RIRRR tsave(	RR�R�R�R+tlibnacltd_keyt_R((s,/usr/lib/python2.7/site-packages/salt/key.pyR�scC@stS(uN
        Log if the master is not running
        NOT YET IMPLEMENTED
        (Ro(R((s,/usr/lib/python2.7/site-packages/salt/key.pyR�)scC@sSigd6}tjj|jdd�}tjj|�rO|dj|�n|S(u-
        Return a dict of local keys
        ulocalupki_diru	local.key(RRR RR�R:(RRLR�((s,/usr/lib/python2.7/site-packages/salt/key.pyR�0s

c
C@s[|j�\}}}}tjj||�}tjj||�}	tjj||�}
tjjj|�}tjjj|�}i|d6|d6|d6}|jdr�tjj	j
|d��'}|j|jj
|��|jSWdQXntjj|
�rtjd�|jStjj|�r�tjj	j
|d��}|jj|j��}WdQX|d|kr�|d|kr�|jStjd	�|jSn�tjj|	�r�|jj|�}
|jj|�}tjj	j
|	d��}|jj|j��}WdQX|d|krs|d|krs|
rR|j|�tjd
�|jS|rl|j|�|jS|jStjd�|jSn|jj|�}
|jj|�}|jdr�|}|j}nL|r�|}|j}n4|
r
|
}tjd
�|j}n|	}|j}tjj	j
|d��$}|j|jj
|��|SWdQXdS(u
        Accepts the minion id, device id, curve public and verify keys.
        If the key is not present, put it in pending and return "pending",
        If the key has been accepted return "accepted"
        if the key should be rejected, return "rejected"
        u	minion_idupubuverifyu	open_modeuw+bNu)Rejection Reason: Keys already rejected.
urbu1Rejection Reason: Keys not match prior accepted.
u&Rejection Reason: Auto reject pended.
u/Rejection Reason: Keys not match prior pended.
uauto_acceptu#Rejection Reason: Auto reject new.
(R�RRR RRR!tto_strRRRtwriteR�tdumpsRQR�R(R�RRtloadsR�R�tcheck_autorejecttcheck_autosignR�R|RO(Rt	minion_idR�tverifyR�R�R�Rtacc_pathtpre_pathtrej_pathtkeydataR1tauto_rejectt	auto_signtw_pathRL((s,/usr/lib/python2.7/site-packages/salt/key.pyRw:sr


 

 






	cC@sttjj|jd||�}tjjj|d��7}|jj	|j
��}dj|d|d�SWdQXdS(ud
        Return the key string in the form of:

        pub: <pub>
        verify: <verify>
        upki_dirurbupub: {0}
verify: {1}upubuverifyN(RRR RRRRRR�RR�RI(RRRwRR1R((s,/usr/lib/python2.7/site-packages/salt/key.pyt_get_key_str�scC@sftjjj|d��9}|jj|j��}dj|d|d�}WdQXtj	|�j
�S(u9
        Return a sha256 kingerprint for the key
        urbupub: {0}
verify: {1}upubuverifyN(RRRRR�RR�RIthashlibtsha256t	hexdigest(RRR1RR((s,/usr/lib/python2.7/site-packages/salt/key.pyt_get_key_finger�scC@swi}xjtj|j|��D]P\}}i||<x7tjjj|�D] }|j||�|||<qKWqW|S(uI
        Return the specified public key or keys based on a glob
        (RR�R�RRR�R�R(RRXRLRwRTR((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s%
"cC@sti}xgtj|j��D]P\}}i||<x7tjjj|�D] }|j||�|||<qHWqW|S(u0
        Return all managed key strings
        (RR�R�RRR�R�R(RRLRwRTR((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s"
"c		C@s=|dk	r|j|�}n*|dk	rBt|t�rB|}ni}|jg}|rm|j|j�n|r�|j|j�nx�|D]�}x}|j|g�D]i}yIt	j
tjj
|jd||�tjj
|jd|j|��Wq�ttfk
rq�Xq�Wq�W|dk	r0|j|�S|j|�S(u�
        Accept public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".
        upki_dirN(RR�RFRGROR:RRRSRR�R�RRR RRQR$R�R�(	RRXR�RzR{R�R�R�R((s,/usr/lib/python2.7/site-packages/salt/key.pyR|�s4	
	
	
cC@s�|j�}x{||jD]l}yLtjtjj|jd|j|�tjj|jd|j|��Wqt	t
fk
r�qXqW|j�S(u(
        Accept all keys in pre
        upki_dir(R�ROR�R�RRR RRQR$R�(RRTR((s,/usr/lib/python2.7/site-packages/salt/key.pyR}�s	
	
c
	C@s�|d
k	r|j|�}n*|d
k	rBt|t�rB|}ni}x�tj|�D]�\}}x�|D]�}|r�|jjd�tkr�t	d�q�y,t
jjd|j�}	|	j
|d�Wq�t
jjk
r�t	dj|��q�Xny*tjtjj|jd||��Wqkttfk
r;qkXqkWqXW|jjd�tkr{|jd|jd	g��n
|j�|d
k	r�|j|�S|j|�S(u�
        Delete public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".
        urotate_aes_keyu�Immediate auth revocation specified but AES key rotation not allowed. Minion will not be disconnected until the master AES key is rotated.R�usaltutil.revoke_authu�Cannot contact Salt master. Connection for {0} will remain up until master AES key is rotated or auth is revoked with 'saltutil.revoke_auth'.upki_dirupreserve_minionsR�uminionsN(RR�RFRGRR�RRRRWRRR�R�RdR�RIRR�RR R�R$RoR�R�(
RRXR�R�R�R�RwRTRR((s,/usr/lib/python2.7/site-packages/salt/key.pyR��s2		

	*
cC@s�xxtj|j��D]a\}}xR|D]J}y*tjtjj|jd||��Wq)tt	fk
rrq)Xq)WqW|j
�|j�S(u!
        Delete all keys
        upki_dir(RR�R�RR�RR RR�R$R�(RRwRTR((s,/usr/lib/python2.7/site-packages/salt/key.pyRs"
*
c		C@sG|dk	r|j|�}n*|dk	rBt|t�rB|}ni}|jg}|rm|j|j�n|r�|j|j�nx�|D]�}x}|j|g�D]i}yIt	j
tjj
|jd||�tjj
|jd|j|��Wq�ttfk
rq�Xq�Wq�W|j�|dk	r:|j|�S|j|�S(u�
        Reject public keys. If "match" is passed, it is evaluated as a glob.
        Pre-gathered matches can also be passed via "match_dict".
        upki_dirN(RR�RFRGROR:RQRSRR�R�RRR RRRR$R�R�R�(	RRXR�R�R{R�R�R�R((s,/usr/lib/python2.7/site-packages/salt/key.pyR�"s6	
	
	

cC@s�|j�}x{||jD]l}yLtjtjj|jd|j|�tjj|jd|j|��Wqt	t
fk
r�qXqW|j�|j�S(u(
        Reject all keys in pre
        upki_dir(R�ROR�R�RRR RRRR$R�R�(RRTR((s,/usr/lib/python2.7/site-packages/salt/key.pyR�Gs 	
	

c	C@s�|dkrtd}n|j|t�}i}x�tj|�D]�\}}i||<xo|D]g}|dkr�tjj|j	d|�}ntjj|j	d||�}|j
|�|||<q^WqAW|S(u<
        Return the fingerprint for a specified key
        u	hash_typeulocalupki_dirN(RR�R�RoRR�RRR RR (	RRXR�R�RLRwRTRR((s,/usr/lib/python2.7/site-packages/salt/key.pyR�]s


cC@s�|dkrtd}ni}x�tj|j��D]�\}}i||<xo|D]g}|dkr�tjj|jd|�}ntjj|jd||�}|j	|�|||<qRWq5W|S(u2
        Return fingerprints for all keys
        u	hash_typeulocalupki_dirN(
RR�RR�R�RRR RR (RR�RLRwRTRR((s,/usr/lib/python2.7/site-packages/salt/key.pyR�ps
"

cC@spi}xctj|j��D]L\}}x=|D]5}|j||�}|r/||d<|||<q/q/WqW|S(u6
        Return a dict of all remote key data
        u
acceptance(RR�R�tread_remote(RR�RwtmidstmidR((s,/usr/lib/python2.7/site-packages/salt/key.pytread_all_remote�s"

cC@sptjj|jd||�}tjj|�s5iStjjj|d��}|j	j
|j��SWdQXdS(u0
        Read in a remote key of status
        upki_dirurbN(RRR RR�RRRRR�RR�(RRRwRR1((s,/usr/lib/python2.7/site-packages/salt/key.pyR!�s
cC@smtjj|jdd�}tjj|�s2iStjjj|d��}|j	j
|j��SWdQXdS(uf
        Read in the local private keys, return an empy dict if the keys do not
        exist
        upki_diru	local.keyurbN(RRR RR�RRRRR�RR�(RRR1((s,/usr/lib/python2.7/site-packages/salt/key.pyt
read_local�s
cC@s�i|d6|d6}tjj|jdd�}tjjjd���tjj|�rutj	|t
jt
jB�ntjjj
|d��3}|j|jj|��tj	|t
j�WdQXWdQXdS(uM
        Write the private key and the signing key to a file on disk
        uprivusignupki_diru	local.keyi�uw+N(RRR RRRRt	set_umaskR�tchmodtstattS_IWUSRtS_IRUSRRRR�R(RR�tsignRRR1((s,/usr/lib/python2.7/site-packages/salt/key.pytwrite_local�s

cC@sBtjj|jdd�}tjj|�r>tj|�ndS(u3
        Delete the local private key file
        upki_diru	local.keyN(RRR RR�R�(RR((s,/usr/lib/python2.7/site-packages/salt/key.pytdelete_local�scC@s3|jd}tjj|�r/tj|�ndS(u2
        Delete the private key directory
        upki_dirN(RRRR�R�R�(RR((s,/usr/lib/python2.7/site-packages/salt/key.pytdelete_pki_dir�s
N("RkRlRmRQRORRRRSRR�RR�R�R�R�RwRR R�R�R|R}R�RR�R�R�R�R$R!R%R,R-R.(((s,/usr/lib/python2.7/site-packages/salt/key.pyR�sB			>
		
	H				$	'	
%		
			(.Rmt
__future__RRRRRrR(R�R�Rtloggingt
salt.cacheRtsalt.clientt
salt.crypttsalt.daemons.masterapitsalt.exceptionstsalt.miniontsalt.utils.argstsalt.utils.crypttsalt.utils.datatsalt.utils.eventtsalt.utils.filestsalt.utils.jsontsalt.utils.kindstsalt.utils.mastertsalt.utils.sdbtsalt.utils.stringutilstsalt.utils.usertsalt.extRtsalt.ext.six.movesRRR�tImportErrort	getLoggerRkR(R	tobjectR
RnRR(((s,/usr/lib/python2.7/site-packages/salt/key.pyt<module>sN
	�A��Z

Zerion Mini Shell 1.0