From 01f45bdde7d09c1ad98d71178b1ee2362059b570 Mon Sep 17 00:00:00 2001 From: rsmekala Date: Tue, 19 Mar 2019 15:06:55 +0530 Subject: [PATCH 1/6] Added new option allow_agent --- lib/jnpr/junos/device.py | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index 12fcfadb6..25983752e 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1109,6 +1109,10 @@ def __init__(self, *vargs, **kvargs): :param bool normalize: *OPTIONAL* default is ``False``. If ``True`` then the XML returned by :meth:`execute` will have whitespace normalized + + :param bool allow_agent: + *OPTIONAL* default is ``False``. If ``True`` then the + SSH config file is not parsed by Pyez and passed down to ncclient """ # ---------------------------------------- @@ -1123,6 +1127,7 @@ def __init__(self, *vargs, **kvargs): self._normalize = kvargs.get('normalize', False) self._auto_probe = kvargs.get('auto_probe', self.__class__.auto_probe) self._fact_style = kvargs.get('fact_style', 'new') + self.allow_agent = kvargs.get('allow_agent', False) if self._fact_style != 'new': warnings.warn('fact-style %s will be removed in a future ' 'release.' % @@ -1155,10 +1160,14 @@ def __init__(self, *vargs, **kvargs): self._ssh_config = kvargs.get('ssh_config') self._sshconf_lkup() # but if user or private key is explicit from call, then use it. - self._auth_user = kvargs.get('user') or self._conf_auth_user or \ - self._auth_user - self._ssh_private_key_file = kvargs.get('ssh_private_key_file') \ - or self._conf_ssh_private_key_file + if self.allow_agent is True: + self._auth_user = kvargs.get('user') + self._ssh_private_key_file = kvargs.get('ssh_private_key_file') + else: + self._auth_user = kvargs.get('user') or self._conf_auth_user or \ + self._auth_user + self._ssh_private_key_file = kvargs.get('ssh_private_key_file') \ + or self._conf_ssh_private_key_file self._auth_password = kvargs.get( 'password') or kvargs.get('passwd') From 4c4150c4a3e30447c4187ad52981a9344128b843 Mon Sep 17 00:00:00 2001 From: rsmekala Date: Wed, 27 Mar 2019 11:04:43 +0530 Subject: [PATCH 2/6] Added note about allow_agent behavior --- lib/jnpr/junos/device.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index 25983752e..27e142c42 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1113,6 +1113,10 @@ def __init__(self, *vargs, **kvargs): :param bool allow_agent: *OPTIONAL* default is ``False``. If ``True`` then the SSH config file is not parsed by Pyez and passed down to ncclient + + .. note:: + value of allow_agent may change to ``True``, in case the user passes + ``False`` without specifying **passwd** or **ssh_private_key_file** """ # ---------------------------------------- From 979de73bd06edf98454169ef8adabde9e7372a07 Mon Sep 17 00:00:00 2001 From: rsmekala Date: Thu, 28 Mar 2019 11:15:28 +0530 Subject: [PATCH 3/6] Modify allow_agent behavior --- lib/jnpr/junos/device.py | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index 27e142c42..b41f207d8 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1111,12 +1111,11 @@ def __init__(self, *vargs, **kvargs): XML returned by :meth:`execute` will have whitespace normalized :param bool allow_agent: - *OPTIONAL* default is ``False``. If ``True`` then the - SSH config file is not parsed by Pyez and passed down to ncclient - - .. note:: - value of allow_agent may change to ``True``, in case the user passes - ``False`` without specifying **passwd** or **ssh_private_key_file** + *OPTIONAL* If ``True`` then the SSH config file is not parsed by PyEZ + and passed down to ncclient. If ``False`` then the SSH config file will + be parsed by PyEZ. If option is not provided will fallback to default + behavior. This option is passed down to the ncclient as is, if it is + present in the kwargs. """ # ---------------------------------------- @@ -1131,7 +1130,7 @@ def __init__(self, *vargs, **kvargs): self._normalize = kvargs.get('normalize', False) self._auto_probe = kvargs.get('auto_probe', self.__class__.auto_probe) self._fact_style = kvargs.get('fact_style', 'new') - self.allow_agent = kvargs.get('allow_agent', False) + self.allow_agent = kvargs.get('allow_agent') if self._fact_style != 'new': warnings.warn('fact-style %s will be removed in a future ' 'release.' % @@ -1164,7 +1163,7 @@ def __init__(self, *vargs, **kvargs): self._ssh_config = kvargs.get('ssh_config') self._sshconf_lkup() # but if user or private key is explicit from call, then use it. - if self.allow_agent is True: + if self.allow_agent is not None and self.allow_agent is True: self._auth_user = kvargs.get('user') self._ssh_private_key_file = kvargs.get('ssh_private_key_file') else: @@ -1256,8 +1255,11 @@ def open(self, *vargs, **kvargs): # in this condition it means we want to query the agent # for available ssh keys - allow_agent = bool((self._auth_password is None) and + if self.allow_agent is None: + _allow_agent = bool((self._auth_password is None) and (self._ssh_private_key_file is None)) + else: + _allow_agent = self.allow_agent # open connection using ncclient transport self._conn = netconf_ssh.connect( @@ -1268,7 +1270,7 @@ def open(self, *vargs, **kvargs): password=self._auth_password, hostkey_verify=False, key_filename=self._ssh_private_key_file, - allow_agent=allow_agent, + allow_agent=_allow_agent, ssh_config=self._sshconf_lkup(), device_params={'name': 'junos', 'local': self.__class__.ON_JUNOS}) From b7cc028130a26010f96604675c7cd9830df6399f Mon Sep 17 00:00:00 2001 From: rsmekala Date: Thu, 28 Mar 2019 11:59:49 +0530 Subject: [PATCH 4/6] Addded appropriate comments and renamed variables --- lib/jnpr/junos/device.py | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index b41f207d8..a5953a255 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1130,7 +1130,7 @@ def __init__(self, *vargs, **kvargs): self._normalize = kvargs.get('normalize', False) self._auto_probe = kvargs.get('auto_probe', self.__class__.auto_probe) self._fact_style = kvargs.get('fact_style', 'new') - self.allow_agent = kvargs.get('allow_agent') + self._allow_agent = kvargs.get('allow_agent') if self._fact_style != 'new': warnings.warn('fact-style %s will be removed in a future ' 'release.' % @@ -1162,10 +1162,14 @@ def __init__(self, *vargs, **kvargs): # user can get updated by ssh_config self._ssh_config = kvargs.get('ssh_config') self._sshconf_lkup() - # but if user or private key is explicit from call, then use it. + + # if allow_agent is provided and is True, then PyEZ shouldn't load + # the values from config file if self.allow_agent is not None and self.allow_agent is True: self._auth_user = kvargs.get('user') self._ssh_private_key_file = kvargs.get('ssh_private_key_file') + # if allow_agent is not provided or provided but set to False, and + # if user or private key is explicit from call, then use it. else: self._auth_user = kvargs.get('user') or self._conf_auth_user or \ self._auth_user @@ -1255,11 +1259,11 @@ def open(self, *vargs, **kvargs): # in this condition it means we want to query the agent # for available ssh keys - if self.allow_agent is None: - _allow_agent = bool((self._auth_password is None) and + if self._allow_agent is None: + allow_agent = bool((self._auth_password is None) and (self._ssh_private_key_file is None)) else: - _allow_agent = self.allow_agent + allow_agent = self.allow_agent # open connection using ncclient transport self._conn = netconf_ssh.connect( @@ -1270,7 +1274,7 @@ def open(self, *vargs, **kvargs): password=self._auth_password, hostkey_verify=False, key_filename=self._ssh_private_key_file, - allow_agent=_allow_agent, + allow_agent=allow_agent, ssh_config=self._sshconf_lkup(), device_params={'name': 'junos', 'local': self.__class__.ON_JUNOS}) From aa9296b3d499b44ee79455b2be28851356b7084b Mon Sep 17 00:00:00 2001 From: rsmekala Date: Thu, 28 Mar 2019 12:08:00 +0530 Subject: [PATCH 5/6] Added comments about allow_agent preference criteria --- lib/jnpr/junos/device.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index a5953a255..3b2119af9 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1254,10 +1254,12 @@ def open(self, *vargs, **kvargs): try: ts_start = datetime.datetime.now() - # we want to enable the ssh-agent if-and-only-if we are - # not given a password or an ssh key file. - # in this condition it means we want to query the agent - # for available ssh keys + # if allow_agent is provided in the call, then the same + # value is passed to the ncclient. + # if allow_agent isn't provided in the call, then it is + # set to True if we are not able to find password or + # ssh_keyfile. user provided allow_agent value should be + # preferred over the runtime value if self._allow_agent is None: allow_agent = bool((self._auth_password is None) and From c3b4a13fa95c1126a9c57c4e080206cfd1501aff Mon Sep 17 00:00:00 2001 From: rsmekala Date: Thu, 28 Mar 2019 16:26:51 +0530 Subject: [PATCH 6/6] Refactor code to use new variable names --- lib/jnpr/junos/device.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/jnpr/junos/device.py b/lib/jnpr/junos/device.py index 3b2119af9..7bd3d7b09 100644 --- a/lib/jnpr/junos/device.py +++ b/lib/jnpr/junos/device.py @@ -1165,7 +1165,7 @@ def __init__(self, *vargs, **kvargs): # if allow_agent is provided and is True, then PyEZ shouldn't load # the values from config file - if self.allow_agent is not None and self.allow_agent is True: + if self._allow_agent is not None and self._allow_agent is True: self._auth_user = kvargs.get('user') self._ssh_private_key_file = kvargs.get('ssh_private_key_file') # if allow_agent is not provided or provided but set to False, and