%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /usr/lib/python2.7/site-packages/salt/wheel/
Upload File :
Create Path :
Current File : //usr/lib/python2.7/site-packages/salt/wheel/key.pyo

�
���^c@@s�dZddlmZmZmZddlZddlZddlZddlm	Z	ddl
ZddlZddl
ZddlZddlmZidd6dd	6Zeje�Zd
�Zd�Zd�Zeed
�Zeed�Zd�Zd�Zeed�Zeed�Zd�Zdd�Z!dd�Z"ddd�Z#ded�Z$ddddd�Z%edd�Z&dS(u?
Wheel system wrapper for the Salt key system to be used in interactions with
the Salt Master programmatically.

The key module for the wheel system is meant to provide an internal interface
for other Salt systems to interact with the Salt Master. The following usage
examples assume that a WheelClient is available:

.. code-block:: python

    import salt.config
    import salt.wheel
    opts = salt.config.master_config('/etc/salt/master')
    wheel = salt.wheel.WheelClient(opts)

Note that importing and using the ``WheelClient`` must be performed on the same
machine as the Salt Master and as the same user that runs the Salt Master,
unless :conf_master:`external_auth` is configured and the user is authorized
to execute wheel functions.

The function documentation starts with the ``wheel`` reference from the code
sample above and use the :py:class:`WheelClient` functions to show how they can
be called from a Python interpreter.

The wheel key functions can also be called via a ``salt`` command at the CLI
using the :mod:`saltutil execution module <salt.modules.saltutil>`.
i(tabsolute_importtprint_functiontunicode_literalsN(tget_key(tcleanulistulist_uprintukey_strcC@stt�}|j|�S(u�
    List all the keys under a named status. Returns a dictionary.

    match
        The type of keys to list. The ``pre``, ``un``, and ``unaccepted``
        options will list unaccepted/unsigned keys. ``acc`` or ``accepted`` will
        list accepted/signed keys. ``rej`` or ``rejected`` will list rejected keys.
        Finally, ``all`` will list all keys.

    .. code-block:: python

        >>> wheel.cmd('key.list', ['accepted'])
        {'minions': ['minion1', 'minion2', 'minion3']}
    (Rt__opts__tlist_status(tmatchtskey((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytlist_5scC@stt�}|j�S(u�
    List all the keys. Returns a dictionary containing lists of the minions in
    each salt-key category, including ``minions``, ``minions_rejected``,
    ``minions_denied``, etc. Returns a dictionary.

    .. code-block:: python

        >>> wheel.cmd('key.list_all')
        {'local': ['master.pem', 'master.pub'], 'minions_rejected': [],
        'minions_denied': [], 'minions_pre': [],
        'minions': ['minion1', 'minion2', 'minion3']}
    (RRtall_keys(R((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytlist_allHs
cC@stt�}|j|�S(u1
    List all the keys based on a glob match
    (RRt
name_match(RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyRYscC@s%tt�}|j|d|d|�S(u
    Accept keys based on a glob match. Returns a dictionary.

    match
        The glob match of keys to accept.

    include_rejected
        To include rejected keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

    include_denied
        To include denied keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

    .. code-block:: python

        >>> wheel.cmd('key.accept', ['minion1'])
        {'minions': ['minion1']}
    tinclude_rejectedtinclude_denied(RRtaccept(RR
RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyRascC@s(tt�}|jd|d|d|�S(u`
    Accept keys based on a dict of keys. Returns a dictionary.

    match
        The dictionary of keys to accept.

    include_rejected
        To include rejected keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

        .. versionadded:: 2016.3.4

    include_denied
        To include denied keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

        .. versionadded:: 2016.3.4

    Example to move a list of keys from the ``minions_pre`` (pending) directory
    to the ``minions`` (accepted) directory:

    .. code-block:: python

        >>> wheel.cmd('key.accept_dict',
        {
            'minions_pre': [
                'jerry',
                'stuart',
                'bob',
            ],
        })
        {'minions': ['jerry', 'stuart', 'bob']}
    t
match_dictR
R(RRR(RR
RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytaccept_dictys"cC@stt�}|j|�S(u-
    Delete keys based on a glob match. Returns a dictionary.

    match
        The glob match of keys to delete.

    .. code-block:: python

        >>> wheel.cmd_async({'fun': 'key.delete', 'match': 'minion1'})
        {'jid': '20160826201244808521', 'tag': 'salt/wheel/20160826201244808521'}
    (RRt
delete_key(RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytdelete�scC@stt�}|jd|�S(u�
    Delete keys based on a dict of keys. Returns a dictionary.

    match
        The dictionary of keys to delete.

    .. code-block:: python

        >>> wheel.cmd_async({'fun': 'key.delete_dict',
        'match': {
            'minions': [
                'jerry',
                'stuart',
                'bob',
            ],
        })
        {'jid': '20160826201244808521', 'tag': 'salt/wheel/20160826201244808521'}
    R(RRR(RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytdelete_dict�scC@s%tt�}|j|d|d|�S(uM
    Reject keys based on a glob match. Returns a dictionary.

    match
        The glob match of keys to reject.

    include_accepted
        To include accepted keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

    include_denied
        To include denied keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

    .. code-block:: python

        >>> wheel.cmd_async({'fun': 'key.reject', 'match': 'minion1'})
        {'jid': '20160826201244808521', 'tag': 'salt/wheel/20160826201244808521'}
    tinclude_acceptedR(RRtreject(RRRR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyR�scC@s(tt�}|jd|d|d|�S(u
    Reject keys based on a dict of keys. Returns a dictionary.

    match
        The dictionary of keys to reject.

    include_accepted
        To include accepted keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

        .. versionadded:: 2016.3.4

    include_denied
        To include denied keys in the match along with pending keys, set this
        to ``True``. Defaults to ``False``.

        .. versionadded:: 2016.3.4

    .. code-block:: python

        >>> wheel.cmd_async({'fun': 'key.reject_dict',
        'match': {
            'minions': [
                'jerry',
                'stuart',
                'bob',
            ],
        })
        {'jid': '20160826201244808521', 'tag': 'salt/wheel/20160826201244808521'}
    RRR(RRR(RRRR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytreject_dict�scC@stt�}|j|�S(u_
    Return information about the key. Returns a dictionary.

    match
        The key to return information about.

    .. code-block:: python

        >>> wheel.cmd('key.key_str', ['minion1'])
        {'minions': {'minion1': '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0B
        ...
        TWugEQpPt\niQIDAQAB\n-----END PUBLIC KEY-----'}}
    (RRtkey_str(RR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyRscC@s5|dkrtd}ntt�}|j||�S(uu
    Return the matching key fingerprints. Returns a dictionary.

    match
        The key for with to retrieve the fingerprint.

    hash_type
        The hash algorithm used to calculate the fingerprint

    .. code-block:: python

        >>> wheel.cmd('key.finger', ['minion1'])
        {'minions': {'minion1': '5d:f6:79:43:5e:d4:42:3f:57:b8:45:a8:7e:a4:6e:ca'}}

    u	hash_typeN(tNoneRRtfinger(Rt	hash_typeR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyRs
cC@s_d}|dkrtd}ntjjjtjjtd|�d|�}ii||6d6S(u$
    Return the fingerprint of the master's public key

    hash_type
        The hash algorithm used to calculate the fingerprint

    .. code-block:: python

        >>> wheel.cmd('key.finger_master')
        {'local': {'master.pub': '5d:f6:79:43:5e:d4:42:3f:57:b8:45:a8:7e:a4:6e:ca'}}
    u
master.pubu	hash_typeupki_dirtsum_typeulocalN(	RRtsalttutilstcryptt
pem_fingertostpathtjoin(Rtkeynametfingerprint((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyt
finger_master.s
"icC@sE|dkr-tjtjd��j�}ntj|�}idd6dd6}tj	j
td||�}dj||j
d� �}tjjj|��&}tjjj|j��|d<WdQXtjjj|��&}tjjj|j��|d<WdQXtjjj�r'tj|d	�ntj|�tj|�|S(
u
    Generate a key pair. No keys are stored on the master. A key pair is
    returned as a dict containing pub and priv keys. Returns a dictionary
    containing the the ``pub`` and ``priv`` keys with their generated values.

    id\_
        Set a name to generate a key pair for use with salt. If not specified,
        a random name will be specified.

    keysize
        The size of the key pair to generate. The size must be ``2048``, which
        is the default, or greater. If set to a value less than ``2048``, the
        key size will be rounded up to ``2048``.

    .. code-block:: python

        >>> wheel.cmd('key.gen')
        {'pub': '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBC
        ...
        BBPfamX9gGPQTpN9e8HwcZjXQnmg8OrcUl10WHw09SDWLOlnW+ueTWugEQpPt\niQIDAQAB\n
        -----END PUBLIC KEY-----',
        'priv': '-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA42Kf+w9XeZWgguzv
        ...
        QH3/W74X1+WTBlx4R2KGLYBiH+bCCFEQ/Zvcu4Xp4bIOPtRKozEQ==\n
        -----END RSA PRIVATE KEY-----'}

    i uuprivupubupki_diru{0}.pubu.Ni�(Rthashlibtsha512R!turandomt	hexdigestRtfilenameRRtgen_keysRtformattrindexRtfilestfopentstringutilst
to_unicodetreadtplatformt
is_windowstchmodtremove(tid_tkeysizetrettprivtpubtfp_((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pytgenCs !

%%

c	C@s�tj|�}t||�}tjjtdd|�}tjj|�rW|rWiStj	j
j|d��'}|jtj	j
j|d��WdQX|S(u�
    Generate a key pair then accept the public key. This function returns the
    key pair in a dict, only the public key is preserved on the master. Returns
    a dictionary.

    id\_
        The name of the minion for which to generate a key pair.

    keysize
        The size of the key pair to generate. The size must be ``2048``, which
        is the default, or greater. If set to a value less than ``2048``, the
        key size will be rounded up to ``2048``.

    force
        If a public key has already been accepted for the given minion on the
        master, then the gen_accept function will return an empty dictionary
        and not create a new key. This is the default behavior. If ``force``
        is set to ``True``, then the minion's previously accepted key will be
        overwritten.

    .. code-block:: python

        >>> wheel.cmd('key.gen_accept', ['foo'])
        {'pub': '-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBC
        ...
        BBPfamX9gGPQTpN9e8HwcZjXQnmg8OrcUl10WHw09SDWLOlnW+ueTWugEQpPt\niQIDAQAB\n
        -----END PUBLIC KEY-----',
        'priv': '-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA42Kf+w9XeZWgguzv
        ...
        QH3/W74X1+WTBlx4R2KGLYBiH+bCCFEQ/Zvcu4Xp4bIOPtRKozEQ==\n
        -----END RSA PRIVATE KEY-----'}

    We can now see that the ``foo`` minion's key has been accepted by the master:

    .. code-block:: python

        >>> wheel.cmd('key.list', ['accepted'])
        {'minions': ['foo', 'minion1', 'minion2', 'minion3']}
    upki_diruminionsuw+upubN(RtidR>R!R"R#RtisfileRRR/R0twriteR1tto_str(R8R9tforceR:tacc_pathR=((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyt
gen_acceptvs(&cC@s"tt�}|j||||�S(u,
    Generate minion RSA public keypair
    (RRR,(tkeydirR$R9tuserR((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyR,�scC@s%tt�}|j|||||�S(u.
    Generate master public-key-signature
    (RRtgen_keys_signature(R;R<tsignature_pathtauto_createR9R((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyt
gen_signature�s('t__doc__t
__future__RRRR!R'tloggingtsalt.keyRt
salt.cryptRtsalt.utils.crypttsalt.utils.filestsalt.utils.platformtsalt.utils.sanitizersRt__func_alias__t	getLoggert__name__tlogR	RRtFalseRRRRRRRRRR&R>RER,RK(((s2/usr/lib/python2.7/site-packages/salt/wheel/key.pyt<module>s<
			(		%	32

Zerion Mini Shell 1.0