[Python-modules-commits] [junos-eznc] 07/07: d/patches: add patch to make SSH work with keys and agent
Vincent Bernat
bernat at moszumanska.debian.org
Sun Nov 12 18:41:08 UTC 2017
This is an automated email from the git hooks/post-receive script.
bernat pushed a commit to annotated tag debian/2.1.7-1
in repository junos-eznc.
commit e41b3deec32155a7d8b1e3c31352f608cf625e83
Author: Vincent Bernat <vincent at bernat.im>
Date: Sun Nov 12 19:34:45 2017 +0100
d/patches: add patch to make SSH work with keys and agent
This is https://github.com/Juniper/py-junos-eznc/pull/648. Upstream
seem to not understand how agent should work.
---
debian/changelog | 1 +
...ide-the-key-if-it-comes-from-the-SSH-conf.patch | 48 ++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 50 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index ddafda6..c55cbae 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,7 @@ junos-eznc (2.1.7-1) unstable; urgency=medium
* d/control: bump Standards-Version.
* d/control: add Python 3 package.
* d/control: add build-dependencies on python*-serial.
+ * d/patches: add patch to make SSH work with keys and agent.
-- Vincent Bernat <bernat at debian.org> Sun, 12 Nov 2017 19:15:05 +0100
diff --git a/debian/patches/0001-Do-not-provide-the-key-if-it-comes-from-the-SSH-conf.patch b/debian/patches/0001-Do-not-provide-the-key-if-it-comes-from-the-SSH-conf.patch
new file mode 100644
index 0000000..406268a
--- /dev/null
+++ b/debian/patches/0001-Do-not-provide-the-key-if-it-comes-from-the-SSH-conf.patch
@@ -0,0 +1,48 @@
+From: Vincent Bernat <vincent at bernat.im>
+Date: Fri, 13 Jan 2017 20:12:01 +0100
+Subject: Do not provide the key if it comes from the SSH configuration
+
+This is a followup of #628 where this change was initially pushed but
+reverted because I didn't remember why I did it. Before #628, when an
+identity is provided in the SSH configuration, it was not copied in
+`_conf_ssh_private_key_file` due to a bug. After fixing the bug in #628,
+the key is now copied.
+
+However, the SSH configuration is provided to the `connect()` method
+which will use it if needed. Therefore, this is not needed. Moreover, if
+the key is provided by an agent and/or encrypted, this won't work as,
+later in the code, `allow_agent` will be set to `False` due to the
+presence of a private key.
+---
+ lib/jnpr/junos/device.py | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py
+index 09ac26e..6e98791 100644
+--- a/lib/jnpr/junos/device.py
++++ b/lib/jnpr/junos/device.py
+@@ -404,7 +404,6 @@ class _Connection(object):
+ self._hostname = found.get('hostname', self._hostname)
+ self._port = found.get('port', self._port)
+ self._conf_auth_user = found.get('user')
+- self._conf_ssh_private_key_file = found.get('identityfile')
+ return sshconf_path
+
+ def display_xml_rpc(self, command, format='xml'):
+@@ -1141,15 +1140,13 @@ class Device(_Connection):
+ # user will default to $USER
+ self._auth_user = os.getenv('USER')
+ self._conf_auth_user = None
+- self._conf_ssh_private_key_file = None
+ # user can get updated by ssh_config
+ self._ssh_config = kvargs.get('ssh_config')
+ self._sshconf_lkup()
+ # but if user or private key is explicit from call, then use it.
+ self._auth_user = kvargs.get('user') or self._conf_auth_user or \
+ self._auth_user
+- self._ssh_private_key_file = kvargs.get('ssh_private_key_file') \
+- or self._conf_ssh_private_key_file
++ self._ssh_private_key_file = kvargs.get('ssh_private_key_file')
+ self._auth_password = kvargs.get(
+ 'password') or kvargs.get('passwd')
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..4c019b6
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Do-not-provide-the-key-if-it-comes-from-the-SSH-conf.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/junos-eznc.git
More information about the Python-modules-commits
mailing list