diff -Nru ssh-import-id-5.7/ChangeLog ssh-import-id-5.7-24-g4001a38e/ChangeLog --- ssh-import-id-5.7/ChangeLog 2017-07-11 20:51:08.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ChangeLog 1970-01-01 00:00:00.000000000 +0000 @@ -1,541 +0,0 @@ -ssh-import-id (5.7) released; urgency=medium - - [ Scott Moser ] - * ssh_import_id/__init__.py: LP: #1570997 - - read_keyfile: use getpass and expanduser if HOME not set. - If the HOME environment variable was not set, then use getpass and - expanduser to try to find the right path. - Recreate was as simple as: - env -u HOME ssh-import-id bob - - [ Dustin Kirkland ] - * ssh_import_id/__init__.py: - - fix typo, missing colon - - -- Dustin Kirkland Fri, 16 Sep 2016 10:13:35 -0500 - -ssh-import-id (5.6-0ubuntu1) yakkety; urgency=medium - - [ Mitsuya Shibata ] - * ssh_import_id/__init__.py: LP: #1565275 - - fix bug, where only the last key from github was getting added - - -- Dustin Kirkland Fri, 16 Sep 2016 10:13:31 -0500 - -ssh-import-id (5.5-0ubuntu1) xenial; urgency=medium - - * debian/control, debian/rules, setup.py, ssh_import_id/__init__.py: - - patches adapted from Barry Warsaw - - drop pkg_resources as a dependency - - hardcode/update module version in __init__.py - - should fix python 3.5 unit test failures - - -- Dustin Kirkland Thu, 18 Feb 2016 12:38:56 -0800 - -ssh-import-id (5.4-0ubuntu1) xenial; urgency=medium - - * debian/rules: - - disable python 3.5 tests; fix ftbfs as unit tests try to import - ssh_import_id, which is the module we're trying to build here - - -- Dustin Kirkland Tue, 16 Feb 2016 16:54:14 -0800 - -ssh-import-id (5.3-0ubuntu1) xenial; urgency=medium - - * setup.py: - - try fixing ftbfs by removing py_modules - - -- Dustin Kirkland Tue, 16 Feb 2016 12:16:57 -0800 - -ssh-import-id (5.2-0ubuntu1) xenial; urgency=medium - - * debian/control: - - try to fix ftbfs, seems we need python3-requests in the build stage - - -- Dustin Kirkland Tue, 16 Feb 2016 11:24:48 -0800 - -ssh-import-id (5.1-0ubuntu1) xenial; urgency=medium - - * debian/control: - - add shlibs to depends, hopefully fix ftbfs - - -- Dustin Kirkland Thu, 11 Feb 2016 22:13:39 -0600 - -ssh-import-id (5.0-0ubuntu1) xenial; urgency=medium - - * === added directory etc, === added directory etc/ssh, === added - directory ssh_import_id, === added directory usr, === added - directory usr/bin, === added directory usr/share, === added - directory usr/share/man, === added directory usr/share/man/man1, - bin/ssh-import-id-gh => usr/bin/ssh-import-id-gh, bin/ssh-import-id- - lp => usr/bin/ssh-import-id-lp, bin/ssh-import-id => - ssh_import_id/__init__.py (properties changed: +x to -x), - debian/control, debian/install, debian/manpages, debian/rules, === - removed directory bin, setup.py, ssh-import-id.1 => - usr/share/man/man1/ssh-import-id.1, ssh_import_id => - etc/ssh/ssh_import_id, usr/bin/ssh-import-id: - - build depend on dh-python - - simplify package install, etc/ and usr/ - - syntax check both locations - - build an ssh_import_id python package/module - - put all common functionality into an ssh_import_id module - - add a browser useragent string, for protocol version support on the server - - move ssh-import-id-lp and ssh-import-id-gh functionality into a base - python function, and wrap those with shell - - remove a couple of subcommand shell outs by using native python calls - * setup.py, ssh_import_id/__init__.py: - - bump major version to 5.0, major changes here - * debian/rules, setup.py: - - add scripts back to setup.py - * ssh_import_id/__init__.py: - - add extra blank line back, for readability - * debian/control, ssh_import_id/__init__.py: - - use pkg_resources to get __version__, depend on package - - -- Dustin Kirkland Sat, 30 Jan 2016 09:46:50 -0600 - -ssh-import-id (4.5-0ubuntu1) wily; urgency=medium - - [ Andres Riancho and Dustin Kirkland ] - * bin/ssh-import-id-gh: LP: #1397332 - - handle two github error conditions (rate limiting and user - not found) - - -- Dustin Kirkland Mon, 05 Oct 2015 18:32:53 -0500 - -ssh-import-id (4.4-0ubuntu1) wily; urgency=medium - - * bin/ssh-import-id-gh, bin/ssh-import-id-lp, setup_helpers.py, - setup.py: LP: #1428840 - - make ssh-import-id work with both python2.7 and python3 - - revert previous changes with classifiers and testing for - python3 - - -- Dustin Kirkland Mon, 05 Oct 2015 18:15:51 -0500 - -ssh-import-id (4.3-0ubuntu1) wily; urgency=medium - - * === added symlink README, setup.py, === target is uREADME.md: - - fix setup.py classifiers - * setup.py: - - require 3.2 final - * setup.py (properties changed: -x to +x): - - make executable - - -- Dustin Kirkland Mon, 05 Oct 2015 17:52:27 -0500 - -ssh-import-id (4.2-0ubuntu1) wily; urgency=medium - - [ Barry Warsaw and Dustin Kirkland ] - * setup_helpers.py, setup.py: - - ensure that pypi/pip installs require python3, - https://github.com/cmars/ssh-import-id/issues/6 - - -- Dustin Kirkland Mon, 05 Oct 2015 17:44:17 -0500 - -ssh-import-id (4.1-0ubuntu1) vivid; urgency=medium - - * setup.py: - - clean up some whitespace and indenting issues - - -- Dustin Kirkland Tue, 06 Jan 2015 14:39:26 -0600 - -ssh-import-id (4.0-0ubuntu1) utopic; urgency=low - - [ Andrew Starr-Bochicchio ] - * Port to python3 (LP: #1252474). - - [ Dustin Kirkland ] - * setup.py: - - bump to 4.0, to note the significant change to python3 - - -- Dustin Kirkland Mon, 28 Apr 2014 15:12:44 -0700 - -ssh-import-id (3.21-0ubuntu1) trusty; urgency=low - - * bin/ssh-import-id: LP: #1285295 - - re-authorizing existing keys should exit 0 - - update logging - - -- Dustin Kirkland Thu, 27 Feb 2014 09:39:22 -0600 - -ssh-import-id (3.20-0ubuntu1) trusty; urgency=low - - * bin/ssh-import-id: LP: #1274426 - - ensure that we exit zero if any of the id's that we try to import - affect 0 keys (ie, if we fail to do something we were asked to do) - - however, we should continue to try to succeed, as much as possible, - even if one of the earlier accounts failed - - -- Dustin Kirkland Thu, 30 Jan 2014 09:22:45 +0000 - -ssh-import-id (3.19-0ubuntu1) saucy; urgency=low - - * debian/control: - - drop the breaks/replaces ssh-import; this package hasn't existed for - eons; we should never realistically encounter it any more - - add vcs-browser - - -- Dustin Kirkland Fri, 16 Aug 2013 15:33:24 -0500 - -ssh-import-id (3.18-0ubuntu1) saucy; urgency=low - - * attic/ssh-import-id, attic/ssh-import-id.py, === removed directory - attic: - - fully deprecate the old versions of these scripts; no longer necessary - * debian/control: - - bump standards - - merge some minor changes from Andrew Starr-Bochicchio - - add Andrew Starr-Bochicchio as an uploader - - adjust formatting and indentation to match Andrew's - * debian/copyright: - - update debian copyright file format - * debian/postinst: - - add inline comments for Debian - * debian/watch: - - add a debian watch file - - -- Dustin Kirkland Fri, 16 Aug 2013 15:17:16 -0500 - -ssh-import-id (3.17-0ubuntu1) saucy; urgency=low - - * Another no-change release for Ubuntu - - -- Dustin Kirkland Mon, 29 Apr 2013 09:49:51 -0500 - -ssh-import-id (3.16-0ubuntu1) saucy; urgency=low - - * Empty release for upload to Ubuntu saucy - - ssh-import-id 3.15 was released after raring closed, but before - saucy opened - - -- Dustin Kirkland Mon, 29 Apr 2013 09:40:34 -0500 - -ssh-import-id (3.15-0ubuntu1) sexy; urgency=low - - * bin/ssh-import-id: LP: #1172434 - - create the keyfile destination directory, if necessary - - -- Dustin Kirkland Wed, 24 Apr 2013 21:41:01 -0500 - -ssh-import-id (3.14-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id-gh, bin/ssh-import-id-lp: LP: #1155252 - - python requests module must be >= 1.1.0, for ssl certificate - verification and proper quoting; fall back to wget if module - is available, but older - - -- Dustin Kirkland Fri, 15 Mar 2013 10:12:40 -0500 - -ssh-import-id (3.13-0ubuntu1) raring; urgency=low - - * debian/rules: - - fix FTBFS, no need to syntax check setup.py - - -- Dustin Kirkland Fri, 15 Feb 2013 16:58:04 -0600 - -ssh-import-id (3.12-0ubuntu1) raring; urgency=low - - * debian/control: - - note github.com in the package description - * bin/ssh-import-id, ssh-import-id.1: - - rename the --revoke option to --remove - - we're not really "revoking" keys, but rather just removing them - from the authorized_keys file - - -- Dustin Kirkland Fri, 15 Feb 2013 15:03:53 -0600 - -ssh-import-id (3.11-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id: - - cleanup tempfiles left around in case we die() early - - -- Dustin Kirkland Fri, 08 Feb 2013 12:35:13 -0600 - -ssh-import-id (3.10-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id: - - show key type in info messages - - -- Dustin Kirkland Thu, 07 Feb 2013 17:45:18 -0600 - -ssh-import-id (3.9-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id-lp: - - ensure that URL is not None before using it - - fixes exception when URL is not defined in config file and not in - the environment - - -- Dustin Kirkland Thu, 07 Feb 2013 11:33:29 -0600 - -ssh-import-id (3.8-0ubuntu1) raring; urgency=low - - * No change release; our Python and Debian/Ubuntu version numbers got - out of sync due to a bug in my release script - - -- Dustin Kirkland Thu, 07 Feb 2013 11:20:40 -0600 - -ssh-import-id (3.7-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id-lp: - - another fix for Mac OS X - - -- Dustin Kirkland Thu, 07 Feb 2013 10:16:59 -0600 - -ssh-import-id (3.6-0ubuntu1) raring; urgency=low - - * setup.py: - - fix pip install on Mac - - -- Dustin Kirkland Thu, 07 Feb 2013 09:52:36 -0600 - -ssh-import-id (3.5-0ubuntu1) raring; urgency=low - - * bin/ssh-import-id, ssh-import-id.1: - - support key revocation through a -r|--revoke option - - only revokes keys that we label as adding (starting with this release) - * debian/control, debian/rules, setup.py: - - fix lintian warnings - - clean up pypi pkginfo - - -- Dustin Kirkland Wed, 06 Feb 2013 16:39:54 -0600 - -ssh-import-id (3.4-0ubuntu1) raring; urgency=low - - * setup.py: - - bump version - * debian/control, debian/rules: - - run pep8 at build for python syntax checking - - still trying to fix 10.04 build - * bin/ssh-import-id-lp: - - fix pep8 warning - - -- Dustin Kirkland Tue, 05 Feb 2013 17:37:53 -0600 - -ssh-import-id (3.3-0ubuntu1) raring; urgency=low - - * debian/control, debian/rules: - - get this building on 10.04/lucid, borrowed build logic from swift - - -- Dustin Kirkland Tue, 05 Feb 2013 12:42:21 -0600 - -ssh-import-id (3.2-0ubuntu1) raring; urgency=low - - * debian/control: - - need setuptools for compilation - - -- Dustin Kirkland Tue, 05 Feb 2013 11:53:45 -0600 - -ssh-import-id (3.1-0ubuntu1) raring; urgency=low - - * debian/control: - - ensure we have python packaging build dependencies - * debian/control, debian/rules: - - clean up python build dependencies, fix problem where - dh_pysupport pulls in python-support as a dependency - - -- Dustin Kirkland Tue, 05 Feb 2013 10:05:21 -0600 - -ssh-import-id (3.0-0ubuntu1) raring; urgency=low - - [ Dustin Kirkland ] - * setup.py: - - bump major version to 3.x since this is a complete rewrite in Python - - add support for gh:username (github) as well as lp:username (launchpad) - * bin/ssh-auth-id => bin/ssh-import-id, bin/ssh-auth-id-gh => bin/ssh- - import-id-gh, bin/ssh-auth-id-lp => bin/ssh-import-id-lp, README.md, - setup.py: - - rename Casey's ssh-auth-id command to ssh-import-id with this merge - * bin/ssh-import-id, bin/ssh-import-id-gh, bin/ssh-import-id-lp, - setup.py: - - get these pep8 clean with - pep8 --verbose --repeat --ignore W191,E501 - * bin/ssh-import-id, bin/ssh-import-id-gh, bin/ssh-import-id-lp: - - drop the "starts with ssh-" check - - bad assumption, since my ecdsa key starts with "ecdsa-sha2-nistp256" - - if it's a bad key, then ssh-keygen -l -f will shake that out - - support wget as a fallback, when python requests module is not available - - loop over each id in argv - - import subprocess - * === added directory attic, debian/control, ssh-import-id => - attic/ssh-import-id, ssh-import-id.py => attic/ssh-import-id.py: - - relocate the old shell utility and the monolithic python utility to - the attic for now; these should be removed entirely from the source - tree in due time - * debian/install: - - remove binaries from the install, let setup.py handle these for us - * bin/ssh-import-id: - - support -o|--output - for stdout - - return all parts of the fingerprint on validation (size, hash, name, type) - - index into the fingerprint for the hash - - print all parts of the fingerprint in info messages - + this is essential to the security of ssh-import-id, for key fingerprint - collision avoidance - - use a helper function to print to stdout just as easily a filename - - identify keys by their tuple, [length, hash, type] - * debian/links, README.md, ssh-import-id.1: - - update documentation - * bin/ssh-import-id-lp, debian/postinst, ssh_import_id: - - support URL environment variable and system-wide URL definition in conf - file - - port conf file from shell to JSON syntax - - add a postinst script to smooth migration from ssh-import-id < 3.0 - - ignore errors in postinst script (nothing more we can do, really) - * bin/ssh-import-id-gh, bin/ssh-import-id-lp, debian/postinst, - ssh_import_id: - - use wget --no-verbose rather than --quiet, so that error messages from - wget (such as SSL cert errors) get propagated - - use json syntax for configuration file - * bin/ssh-import-id: - - stdout file descriptor cannot be opened multiple times cleanly - - [ Casey Marshall and Dustin Kirkland ] - * === added directory bin, bin/ssh-auth-id, bin/ssh-auth-id-gh, - bin/ssh-auth-id-lp, LICENSE, README.md, setup.py: - - import Casey's subcommands implementation from his ssh-auth-id fork - on github - - -- Dustin Kirkland Tue, 05 Feb 2013 01:38:31 -0600 - -ssh-import-id (2.13-0ubuntu1) raring; urgency=low - - * ssh-import-id: - - completely rewrite the validate_keys function - - fix our broken, crappy regular expressions, and instead, rely on - SSH's ssh-keygen -l to validate keys by calculating fingerprints - - display fingerprints on stderr, such that users can verify those - or discard it - * debian/control: - - depend on openssh-client, which provides the ssh-keygen command - - bump standards - - -- Dustin Kirkland Tue, 23 Oct 2012 17:31:55 -0500 - -ssh-import-id (2.12-0ubuntu1) quantal; urgency=low - - [ Jani Uusitalo ] - * ssh_import_id: LP: #997143 - - fix typo in comment - - -- Dustin Kirkland Sat, 12 May 2012 19:58:12 -0700 - -ssh-import-id (2.11-0ubuntu1) quantal; urgency=low - - [ Dražen Lučanin ] - * ssh-import-id: LP: #990501 - - ensure there are newlines at the end of keys - - add 2 blank lines between each key for readability - - -- Dustin Kirkland Sun, 06 May 2012 10:46:33 -0500 - -ssh-import-id (2.10-0ubuntu1) precise; urgency=low - - * === added directory img, img/ssh-import-id_14.png, img/ssh-import- - id_192.png, img/ssh-import-id_64.png, img/ssh-import-id.png: - - add logos to revision control - * ssh-import-id, ssh-import-id.1: LP: #944367 - - add -e parameter, which says "don't clean my environment" - - helps if someone needs to set $https_proxy - - -- Dustin Kirkland Sat, 03 Mar 2012 08:32:25 -0600 - -ssh-import-id (2.9-0ubuntu1) precise; urgency=low - - * debian/control: - - we don't technically break openssh-server; this could cause - openssh-server to be removed; that's bad - - -- Dustin Kirkland Tue, 31 Jan 2012 16:01:56 -0600 - -ssh-import-id (2.8-0ubuntu1) precise; urgency=low - - [ Soren Hansen ] - * ssh-import-id: LP: #918131 - - Sequences of a's were getting filtered from public keys - - -- Dustin Kirkland Wed, 18 Jan 2012 09:48:23 -0600 - -ssh-import-id (2.7-0ubuntu1) precise; urgency=low - - * ssh-import-id: LP: #885205, LP: #702932 - - fix bug where lines are merged if they don't include a "= " - - instead, check for lines that begin with "^ssh-" - * ssh-import-id: - - line up sed whitespace - - -- Dustin Kirkland Mon, 16 Jan 2012 17:42:51 -0600 - -ssh-import-id (2.6-0ubuntu1) precise; urgency=low - - * Revert the last commit, removing the ssh-import-lp-id link, as this - breaks tab completion. Instead, let's fix the ssh-import-lp-id - caller and SRU it; LP: #870112 - - -- Dustin Kirkland Wed, 14 Dec 2011 09:07:00 -0600 - -ssh-import-id (2.5-0ubuntu2) oneiric; urgency=low - - * provide a symlink so ssh-import-id can be invoked as - ssh-import-lp-id (LP: #870112) - - -- Scott Moser Fri, 07 Oct 2011 13:08:44 -0400 - -ssh-import-id (2.5-0ubuntu1) natty; urgency=low - - * ssh-import-id: enable users to override URL with a per-use - environment variable - - -- Dustin Kirkland Wed, 20 Apr 2011 15:38:50 -0400 - -ssh-import-id (2.4-0ubuntu1) natty; urgency=low - - [ Scott Moser ] - * ssh-import-id: - - fix import of users whose keys have blank lines and dos EOL - - do not require /etc/ssh/ssh_import_id to be present - - -- Dustin Kirkland Fri, 15 Apr 2011 09:48:30 -0500 - -ssh-import-id (2.3-0ubuntu1) natty; urgency=low - - * ssh-import-id: ensure that ~/.ssh is created, fix regression - introduced by smoser ;-) - - -- Dustin Kirkland Tue, 11 Jan 2011 11:12:40 -0600 - -ssh-import-id (2.2-0ubuntu1) natty; urgency=low - - [ Scott Moser ] - * use getopt, send 'info' to stderr, add '--output', LP: #688574 - - support '--help' - - add '--output' or '-o' option to write downloaded and - verified data to a named file (supporting '-' for stdout) rather - that writing to users .ssh/authorized_keys - - send 'info' output to standard error rather than standard out - This is required to deal with '--output -' - * remove carriage returns from key strings (LP: #651698) - - [ Dustin Kirkland ] - * ssh-import-id.1: updated to reflect smoser's changes - * debian/install, ssh_import_id, ssh-import-id: allow for URL to be - admin-configurable, to point to other SSH public key stores besides - Launchpad.net - * ssh-import-id.1: document /etc/ssh/ssh_import_id - - -- Dustin Kirkland Mon, 10 Jan 2011 12:56:32 -0600 - -ssh-import-id (2.1-0ubuntu1) natty; urgency=low - - * debian/control: change the Conflicts to a Breaks, as pointed out - by cjwatson, per Debian policy section 7.6 - - -- Dustin Kirkland Wed, 05 Jan 2011 08:59:24 -0600 - -ssh-import-id (2.0-0ubuntu1) natty; urgency=low - - * Split the ssh-import-id utility out of the openssh package; - cjwatson doesn't want to see bugs about the tool, nor be bothered - with the maintenance thereof, hence a new package - * Relicensing the code and documentation from BSD -> GPLv3 - - -- Dustin Kirkland Tue, 04 Jan 2011 16:16:30 -0600 diff -Nru ssh-import-id-5.7/debian/changelog ssh-import-id-5.7-24-g4001a38e/debian/changelog --- ssh-import-id-5.7/debian/changelog 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/changelog 2018-05-11 18:56:46.000000000 +0000 @@ -1,18 +1,31 @@ -ssh-import-id (5.7-0ubuntu1) artful; urgency=medium +ssh-import-id (5.7-24-g4001a38e-0ubuntu1) cosmic; urgency=medium + + * New upstream snapshot. + - debian/postinst: Correctly check old version. + - debian/: Adjust packaging to include debian's changes and fix + lintian warnings. + - Migrate upstream to git. + - Add running of pycodestyle and pylint via tox and fix warnings. + - Convert tabs to spaces for indentation globally. + - Get path to user's authorized_keys even if HOME is not set. + (LP: #1570997) + - Exit with sys.exit() rather than os._exit. + [Michael Hudson-Doyle] (LP: #1770302) + - Launchpad: check status code of response when fetching ssh keys. + [Michael Hudson-Doyle] (LP: #1770305) + - Fix NameError on unknown service/proto. [Michael Hudson-Doyle] + - debian/rules: no longer run pep8 in debian build. + - Use setup.py's console_scripts to write ssh-import-id to /usr/bin. - [ Scott Moser ] - * ssh_import_id/__init__.py: LP: #1570997 - - read_keyfile: use getpass and expanduser if HOME not set. - If the HOME environment variable was not set, then use getpass and - expanduser to try to find the right path. - Recreate was as simple as: - env -u HOME ssh-import-id bob + -- Scott Moser Fri, 11 May 2018 14:56:46 -0400 + +ssh-import-id (5.7-0ubuntu1) artful; urgency=medium [ Dustin Kirkland ] * ssh_import_id/__init__.py: - fix typo, missing colon - -- Dustin Kirkland Fri, 16 Sep 2016 10:13:35 -0500 + -- Dustin Kirkland Tue, 11 Jul 2017 15:51:42 -0500 ssh-import-id (5.6-0ubuntu1) yakkety; urgency=medium diff -Nru ssh-import-id-5.7/debian/changelog.trunk ssh-import-id-5.7-24-g4001a38e/debian/changelog.trunk --- ssh-import-id-5.7/debian/changelog.trunk 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/changelog.trunk 2018-05-11 18:56:46.000000000 +0000 @@ -0,0 +1,5 @@ +ssh-import-id (UPSTREAM_VER-0~upstream0) UNRELEASED; urgency=medium + + * UNRELEASED + + -- Dustin Kirkland Tue, 11 Jul 2017 15:51:44 -0500 diff -Nru ssh-import-id-5.7/debian/compat ssh-import-id-5.7-24-g4001a38e/debian/compat --- ssh-import-id-5.7/debian/compat 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/compat 2018-05-11 18:56:46.000000000 +0000 @@ -1 +1 @@ -7 +10 diff -Nru ssh-import-id-5.7/debian/control ssh-import-id-5.7-24-g4001a38e/debian/control --- ssh-import-id-5.7/debian/control 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/control 2018-05-11 18:56:46.000000000 +0000 @@ -1,16 +1,14 @@ Source: ssh-import-id Section: misc -Priority: extra +Priority: optional Maintainer: Dustin Kirkland Uploaders: Andrew Starr-Bochicchio -Build-Depends: debhelper (>= 8), +Build-Depends: debhelper (>= 10), dh-python, python3-all, - python3-pep8, python3-requests (>= 1.1.0), python3-setuptools -Standards-Version: 3.9.6 -X-Python3-Version: >= 3.2 +Standards-Version: 4.1.3 Homepage: http://launchpad.net/ssh-import-id Vcs-Browser: http://bazaar.launchpad.net/~ssh-import-id/ssh-import-id/trunk/files Vcs-Bzr: https://code.launchpad.net/~ssh-import-id/ssh-import-id/trunk @@ -22,7 +20,6 @@ python3-requests (>= 1.1.0), wget, ${misc:Depends}, - ${shlibs:Depends}, ${python3:Depends} Recommends: openssh-server Description: securely retrieve an SSH public key and install it locally diff -Nru ssh-import-id-5.7/debian/postinst ssh-import-id-5.7-24-g4001a38e/debian/postinst --- ssh-import-id-5.7/debian/postinst 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/postinst 2018-05-11 18:56:46.000000000 +0000 @@ -2,10 +2,17 @@ set -e -# Migrate from shell syntax configuration file to JSON to -# smooth migration from ssh-import-id < 3.0. Though this was -# never in Debian, let's still provide this incase some had -# installed the package from Ubuntu. -sed -i -e "/^#/d" -e "s/^URL=\"\(.*\)\"/{\"URL\": \"\1\"}/" /etc/ssh/ssh_import_id || true +if [ "$1" = "configure" ]; then + # Migrate from shell syntax configuration file to JSON to + # smooth migration from ssh-import-id < 3.0. Though this was + # never in Debian, let's still provide this incase some had + # installed the package from Ubuntu. + _sii_file="/etc/ssh/ssh_import_id" + if [ -f "$_sii_file" ] && dpkg --compare-versions "$2" le 3.0; then + echo "Attempting to convert $_sii_file" 1>&2 + sed -i -e "/^#/d" -e "s/^URL=\"\(.*\)\"/{\"URL\": \"\1\"}/" \ + "$_sii_file" || : + fi +fi #DEBHELPER# diff -Nru ssh-import-id-5.7/debian/rules ssh-import-id-5.7-24-g4001a38e/debian/rules --- ssh-import-id-5.7/debian/rules 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/rules 2018-05-11 18:56:46.000000000 +0000 @@ -1,9 +1,15 @@ #!/usr/bin/make -f -override_dh_auto_build: - # Check syntax - python3 /usr/lib/python3/dist-packages/pep8.py --verbose --repeat --ignore W191,E501,E121 ssh_import_id/* usr/bin/ssh-import-id - dh_auto_build +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +DEB_VERSION := $(shell dpkg-parsechangelog --show-field=Version) %: dh $@ --with python3 --buildsystem=pybuild + +override_dh_auto_install: + dh_auto_install + # upstream provides a way to patch in the distro + # version by replacing @@PACKAGED_VERSION@@ in version.py + for f in $$(find $(CURDIR)/debian/ -type f -name version.py); do [ -f "$$f" ] || continue; sed -i 's,@@PACKAGED_VERSION@@,$(DEB_VERSION),' "$$f"; done diff -Nru ssh-import-id-5.7/debian/source/format ssh-import-id-5.7-24-g4001a38e/debian/source/format --- ssh-import-id-5.7/debian/source/format 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/debian/source/format 2018-05-11 18:56:46.000000000 +0000 @@ -0,0 +1 @@ +3.0 (quilt) diff -Nru ssh-import-id-5.7/etc/ssh/ssh_import_id ssh-import-id-5.7-24-g4001a38e/etc/ssh/ssh_import_id --- ssh-import-id-5.7/etc/ssh/ssh_import_id 2013-02-05 06:54:27.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/etc/ssh/ssh_import_id 2018-05-11 18:53:40.000000000 +0000 @@ -1,4 +1,4 @@ { - "_comment_": "This file is JSON syntax and will be loaded by ssh-import-id to obtain the URL string, which defaults to launchpad.net. The following URL *must* be an https address with a valid, signed certificate!!! %s is the variable that will be filled by the ssh-import-id utility.", - "URL": "https://launchpad.net/~%s/+sshkeys" + "_comment_": "This file is JSON syntax and will be loaded by ssh-import-id to obtain the URL string, which defaults to launchpad.net. The following URL *must* be an https address with a valid, signed certificate!!! %s is the variable that will be filled by the ssh-import-id utility.", + "URL": "https://launchpad.net/~%s/+sshkeys" } diff -Nru ssh-import-id-5.7/.pylintrc ssh-import-id-5.7-24-g4001a38e/.pylintrc --- ssh-import-id-5.7/.pylintrc 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/.pylintrc 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,8 @@ +[MESSAGES CONTROL] +disable= + inconsistent-return-statements, + invalid-name, + missing-docstring, + +[REPORTS] +output-format=parseable diff -Nru ssh-import-id-5.7/README ssh-import-id-5.7-24-g4001a38e/README --- ssh-import-id-5.7/README 2013-02-05 05:34:58.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/README 2018-05-11 18:53:40.000000000 +0000 @@ -15,33 +15,33 @@ ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are: - 'gh:' for Github - 'lp:' for Launchpad + 'gh:' for Github + 'lp:' for Launchpad Command line help: - usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...] + usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...] - Authorize SSH public keys from trusted online identities. + Authorize SSH public keys from trusted online identities. - positional arguments: - USERID User IDs to import + positional arguments: + USERID User IDs to import - optional arguments: - -h, --help show this help message and exit - -o FILE, --output FILE - Write output to file (default ~/.ssh/authorized_keys) + optional arguments: + -h, --help show this help message and exit + -o FILE, --output FILE + Write output to file (default ~/.ssh/authorized_keys) Example ------- If you wanted me to be able to ssh into your server, as the desired user on that machine you would use: - $ ssh-import-id gh:cmars + $ ssh-import-id gh:cmars You can also import multiple users on the same line, even from different key services, like so: - $ ssh-import-id gh:cmars lp:kirkland + $ ssh-import-id gh:cmars lp:kirkland Used with care, it's a great collaboration tool! @@ -50,7 +50,7 @@ ssh-import-id can be installed on Python >= 2.6 with a recent version of pip: - $ pip install ssh-import-id + $ pip install ssh-import-id ssh-import-id requires a recent version of Requests (>=1.1.0) for verified SSL/TLS connections. diff -Nru ssh-import-id-5.7/README.md ssh-import-id-5.7-24-g4001a38e/README.md --- ssh-import-id-5.7/README.md 2013-02-05 05:34:58.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/README.md 2018-05-11 18:53:40.000000000 +0000 @@ -15,33 +15,33 @@ ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are: - 'gh:' for Github - 'lp:' for Launchpad + 'gh:' for Github + 'lp:' for Launchpad Command line help: - usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...] + usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...] - Authorize SSH public keys from trusted online identities. + Authorize SSH public keys from trusted online identities. - positional arguments: - USERID User IDs to import + positional arguments: + USERID User IDs to import - optional arguments: - -h, --help show this help message and exit - -o FILE, --output FILE - Write output to file (default ~/.ssh/authorized_keys) + optional arguments: + -h, --help show this help message and exit + -o FILE, --output FILE + Write output to file (default ~/.ssh/authorized_keys) Example ------- If you wanted me to be able to ssh into your server, as the desired user on that machine you would use: - $ ssh-import-id gh:cmars + $ ssh-import-id gh:cmars You can also import multiple users on the same line, even from different key services, like so: - $ ssh-import-id gh:cmars lp:kirkland + $ ssh-import-id gh:cmars lp:kirkland Used with care, it's a great collaboration tool! @@ -50,7 +50,7 @@ ssh-import-id can be installed on Python >= 2.6 with a recent version of pip: - $ pip install ssh-import-id + $ pip install ssh-import-id ssh-import-id requires a recent version of Requests (>=1.1.0) for verified SSL/TLS connections. diff -Nru ssh-import-id-5.7/setup.py ssh-import-id-5.7-24-g4001a38e/setup.py --- ssh-import-id-5.7/setup.py 2016-09-16 15:13:35.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/setup.py 2018-05-11 18:53:40.000000000 +0000 @@ -17,24 +17,46 @@ import os from setuptools import setup -from ssh_import_id import __version__ +import sys + + +def read_version(): + # shove 'version' into the path so we can import it without going through + # ssh_import_id which has deps that wont be available at setup.py time. + # specifically, from 'ssh_import_id import version' + # will fail due to requests not available. + verdir = os.path.abspath( + os.path.join(os.path.dirname(__file__), "ssh_import_id")) + sys.path.insert(0, verdir) + import version + return version.VERSION + try: - readme = open(os.path.join(os.path.dirname(__file__), "README.md")).read() -except: - readme = "See: http://pypi.python.org/pypi?name=ssh-import-id&:action=display_pkginfo" + readme = open(os.path.join(os.path.dirname(__file__), "README.md")).read() +except OSError: + readme = ("See: http://pypi.python.org/pypi?name=ssh-import-id&:" + "action=display_pkginfo") + setup( - name='ssh-import-id', - description='Authorize SSH public keys from trusted online identities', - long_description=readme, - version=__version__, - author='Dustin Kirkland, Casey Marshall', - author_email='dustin.kirkland@gmail.com, casey.marshall@gmail.com', - license="GPLv3", - keywords="ssh public key", - url='https://launchpad.net/ssh-import-id', - platforms=['any'], - packages=['ssh_import_id'], - scripts=['usr/bin/ssh-import-id', 'usr/bin/ssh-import-id-gh', 'usr/bin/ssh-import-id-lp'], - install_requires=["Requests>=1.1.0"], + name='ssh-import-id', + description='Authorize SSH public keys from trusted online identities', + long_description=readme, + version=read_version(), + author='Dustin Kirkland, Casey Marshall', + author_email='dustin.kirkland@gmail.com, casey.marshall@gmail.com', + license="GPLv3", + keywords="ssh public key", + url='https://launchpad.net/ssh-import-id', + platforms=['any'], + packages=['ssh_import_id'], + scripts=['usr/bin/ssh-import-id-gh', 'usr/bin/ssh-import-id-lp'], + install_requires=["requests>=1.1.0"], + entry_points={ + 'console_scripts': [ + 'ssh-import-id = ssh_import_id:main' + ], + } ) + +# vi: ts=4 expandtab syntax=python diff -Nru ssh-import-id-5.7/ssh_import_id/__init__.py ssh-import-id-5.7-24-g4001a38e/ssh_import_id/__init__.py --- ssh-import-id-5.7/ssh_import_id/__init__.py 2017-07-11 20:49:03.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id/__init__.py 2018-05-11 18:53:40.000000000 +0000 @@ -20,296 +20,374 @@ import argparse import getpass import json +try: + from json.decoder import JSONDecodeError +except ImportError: + JSONDecodeError = ValueError import logging import os import platform -import requests import stat import subprocess import sys import tempfile + +import requests + try: - from urllib.parse import quote_plus -except: - from urllib import quote_plus + from urllib.parse import quote_plus +except ImportError: + from urllib import quote_plus + + +from .version import VERSION -__version__ = '5.7' DEFAULT_PROTO = "lp" -logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s', level=logging.INFO) -parser = argparse.ArgumentParser(description='Authorize SSH public keys from trusted online identities.') -parser.add_argument('-o', '--output', metavar='FILE', help='Write output to file (default ~/.ssh/authorized_keys)') -parser.add_argument('-r', '--remove', help='Remove a key from authorized keys file', action="store_true", default=False) -parser.add_argument('-u', '--useragent', metavar='USERAGENT', help='Append to the http user agent string', default="") -parser.add_argument('userids', nargs='+', metavar="USERID", help='User IDs to import') +logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s', + level=logging.INFO) +parser = argparse.ArgumentParser( + description='Authorize SSH public keys from trusted online identities.', + prog="ssh-import-id") +parser.add_argument( + '-o', '--output', metavar='FILE', + help='Write output to file (default ~/.ssh/authorized_keys)') +parser.add_argument( + '-r', '--remove', action="store_true", default=False, + help='Remove a key from authorized keys file') +parser.add_argument( + '-u', '--useragent', metavar='USERAGENT', default="", + help='Append to the http user agent string') +parser.add_argument( + 'userids', nargs='+', metavar="USERID", + help='User IDs to import') parser.options = None TEMPFILES = [] def cleanup(): - """ - Cleanup tempfiles - """ - for f in TEMPFILES: - if os.path.exists(f): - os.unlink(f) + """ + Cleanup tempfiles + """ + for f in TEMPFILES: + if os.path.exists(f): + os.unlink(f) def die(msg): - """ - The only thing in Perl worth keeping - """ - logging.error(msg) - cleanup() - os._exit(1) + """ + The only thing in Perl worth keeping + """ + logging.error(msg) + cleanup() + sys.exit(1) def key_fingerprint(fields): - """ - Get the fingerprint for an SSH public key - Returns None if not valid key material - """ - if not fields: - return None - if len(fields) < 3: - return None - tempfd, tempname = tempfile.mkstemp(prefix='ssh-auth-key-check', suffix='.pub') - TEMPFILES.append(tempname) - with os.fdopen(tempfd, "w") as tempf: - tempf.write(" ".join(fields)) - tempf.write("\n") - keygen_proc = subprocess.Popen(['ssh-keygen', '-l', '-f', tempname], stdout=subprocess.PIPE) - keygen_out, _ = keygen_proc.communicate(None) - if keygen_proc.returncode: - # Non-zero RC: probably not a public key - return None - os.unlink(tempname) - keygen_fields = keygen_out.split() - if not keygen_fields or len(keygen_fields) < 2: - # Empty output? - return None - out = [] - for k in keygen_out.split(): - out.append(str(k.decode('utf-8').strip())) - return out + """ + Get the fingerprint for an SSH public key + Returns None if not valid key material + """ + if not fields: + return None + if len(fields) < 3: + return None + tempfd, tempname = tempfile.mkstemp( + prefix='ssh-auth-key-check', suffix='.pub') + TEMPFILES.append(tempname) + with os.fdopen(tempfd, "w") as tempf: + tempf.write(" ".join(fields)) + tempf.write("\n") + keygen_proc = subprocess.Popen( + ['ssh-keygen', '-l', '-f', tempname], stdout=subprocess.PIPE) + keygen_out, _ = keygen_proc.communicate(None) + if keygen_proc.returncode: + # Non-zero RC: probably not a public key + return None + os.unlink(tempname) + keygen_fields = keygen_out.split() + if not keygen_fields or len(keygen_fields) < 2: + # Empty output? + return None + out = [] + for k in keygen_out.split(): + out.append(str(k.decode('utf-8').strip())) + return out def open_output(name, mode='a+'): - """ - Open output for writing, supporting either stdout or a filename - """ - if name == '-': - return False - else: - return open(name, mode) + """ + Open output for writing, supporting either stdout or a filename + """ + if name == '-': + return False + return open(name, mode) def assert_parent_dir(keyfile): - """ - Ensure that the keyfile parent directory exists - """ - # Standard out: nothing to do - if keyfile == "-": - return True - # Get output file parent directory - if os.path.dirname(keyfile): - parent_dir = os.path.dirname(keyfile) - else: - parent_dir = "." - # Ensure parent directory exists - if not os.path.exists(parent_dir): - umask = os.umask(0o077) - os.makedirs(parent_dir, 0o700) - os.umask(umask) - if os.path.isdir(parent_dir): - return True - else: - die("Parent directory not found for output [%s]" % (keyfile)) - return False + """ + Ensure that the keyfile parent directory exists + """ + # Standard out: nothing to do + if keyfile == "-": + return True + # Get output file parent directory + if os.path.dirname(keyfile): + parent_dir = os.path.dirname(keyfile) + else: + parent_dir = "." + # Ensure parent directory exists + if not os.path.exists(parent_dir): + umask = os.umask(0o077) + os.makedirs(parent_dir, 0o700) + os.umask(umask) + if os.path.isdir(parent_dir): + return True + else: + die("Parent directory not found for output [%s]" % (keyfile)) + return False def read_keyfile(): - """ - Locate key file, read the current state, return lines in a list - """ - lines = [] - if parser.options.output: - output_file = parser.options.output - else: - if os.environ.get("HOME"): - home = os.environ["HOME"] - else: - home = os.path.expanduser("~" + getpass.getuser()) - output_file = os.path.join(home, ".ssh", "authorized_keys") - - if os.path.exists(output_file): - try: - with open(output_file, "r") as f: - lines = f.readlines() - except: - die("Could not read authorized key file [%s]" % (output_file)) - return lines + """ + Locate key file, read the current state, return lines in a list + """ + keyfile = get_keyfile(parser.options.output) + if keyfile == "-" or not os.path.exists(keyfile): + lines = [] + else: + try: + with open(keyfile, "r") as fp: + lines = fp.readlines() + except OSError: + die("Could not read authorized key file [%s]" % (keyfile)) + + return lines def write_keyfile(keyfile_lines, mode): - """ - Locate key file, write lines to it - """ - output_file = parser.options.output or os.path.join(os.getenv("HOME"), ".ssh", "authorized_keys") - if output_file == "-": - for line in keyfile_lines: - if line: - sys.stdout.write(line) - sys.stdout.write("\n\n") - sys.stdout.flush() - elif assert_parent_dir(output_file): - with open(output_file, mode) as f: - for line in keyfile_lines: - if line.strip(): - f.write(line) - f.write("\n\n") + """ + Locate key file, write lines to it + """ + output_file = get_keyfile(parser.options.output) + if output_file == "-": + for line in keyfile_lines: + if line: + sys.stdout.write(line) + sys.stdout.write("\n\n") + sys.stdout.flush() + elif assert_parent_dir(output_file): + with open(output_file, mode) as f: + for line in keyfile_lines: + if line.strip(): + f.write(line) + f.write("\n\n") + + +def get_keyfile(path=None): + """Return 'path' if true, else a path to current user's authorized_keys.""" + if not path: + if os.environ.get("HOME"): + home = os.environ["HOME"] + else: + home = os.path.expanduser("~" + getpass.getuser()) + + path = os.path.join(home, ".ssh", "authorized_keys") + return path def fp_tuple(fp): - """ - Build a string that uniquely identifies a key - """ - # An SSH public key is uniquely identified by the tuple [length, hash, type]] - # fp should be a list of results of the `ssh-keygen -l -f` command - return ' '.join([fp[0], fp[1], fp[-1]]) + """ + Build a string that uniquely identifies a key + """ + # An SSH public key is uniquely identified by the tuple + # [length, hash, type]. fp should be a list of results of + # the `ssh-keygen -l -f` command + return ' '.join([fp[0], fp[1], fp[-1]]) def key_list(keyfile_lines): - """ - Return a list of uniquely identified keys - """ - # Map out which keys we already have - keys = [] - for line in keyfile_lines: - ssh_fp = key_fingerprint(line.split()) - if ssh_fp: - keys.append(fp_tuple(ssh_fp)) - logging.debug("Already have SSH public keys: [%s]" % (' '.join(keys))) - return keys + """ + Return a list of uniquely identified keys + """ + # Map out which keys we already have + keys = [] + for line in keyfile_lines: + ssh_fp = key_fingerprint(line.split()) + if ssh_fp: + keys.append(fp_tuple(ssh_fp)) + logging.debug("Already have SSH public keys: [%s]", ' '.join(keys)) + return keys def fetch_keys(proto, username, useragent): - """ - Call out to a subcommand to handle the specified protocol and username - """ - if proto == "lp": - return fetch_keys_lp(username, useragent) - elif proto == "gh": - return fetch_keys_gh(username, useragent) - else: - die("ssh-import-id protocol handler %s: not found or cannot execute" % (proto_cmd_path)) + """ + Call out to a subcommand to handle the specified protocol and username + """ + if proto == "lp": + return fetch_keys_lp(username, useragent) + elif proto == "gh": + return fetch_keys_gh(username, useragent) + + die("ssh-import-id protocol handler %s: not found or cannot execute" % + (proto)) def import_keys(proto, username, useragent): - """ - Import keys from service at 'proto' for 'username', appending to output file - """ - # Map out which keys we already have, so we don't keep appending the same ones - local_keys = key_list(read_keyfile()) - # Protocol handler should output SSH keys, one per line - result = [] - keyfile_lines = [] - comment_string = "# ssh-import-id %s:%s" % (proto, username) - for line in fetch_keys(proto, username, useragent).split('\n'): - # Validate/clean-up key text - try: - line = line.decode('utf-8').strip() - except: - line = line.strip() - fields = line.split() - fields.append(comment_string) - ssh_fp = key_fingerprint(fields) - if ssh_fp: - if fp_tuple(ssh_fp) in local_keys: - logging.info("Already authorized %s" % (ssh_fp[:3] + ssh_fp[-1:])) - result.append(fields) - else: - keyfile_lines.append(" ".join(fields)) - result.append(fields) - logging.info("Authorized key %s" % (ssh_fp[:3] + ssh_fp[-1:])) - write_keyfile(keyfile_lines, "a+") - return result + """ + Import keys from service at 'proto' for 'username', appending to output + file + """ + # Map out which keys we already have, so we don't append duplicates. + local_keys = key_list(read_keyfile()) + # Protocol handler should output SSH keys, one per line + result = [] + keyfile_lines = [] + comment_string = "# ssh-import-id %s:%s" % (proto, username) + for line in fetch_keys(proto, username, useragent).split('\n'): + # Validate/clean-up key text + line = line.strip() + fields = line.split() + fields.append(comment_string) + ssh_fp = key_fingerprint(fields) + if ssh_fp: + if fp_tuple(ssh_fp) in local_keys: + logging.info( + "Already authorized %s", ssh_fp[:3] + ssh_fp[-1:]) + result.append(fields) + else: + keyfile_lines.append(" ".join(fields)) + result.append(fields) + logging.info("Authorized key %s", ssh_fp[:3] + ssh_fp[-1:]) + write_keyfile(keyfile_lines, "a+") + return result def remove_keys(proto, username): - """ - Remove keys from the output file, if they were inserted by this tool - """ - # Only remove keys labeled with our comment string - comment_string = "# ssh-import-id %s:%s\n" % (proto, username) - update_lines = [] - removed = [] - for line in read_keyfile(): - if line.endswith(comment_string): - ssh_fp = key_fingerprint(line.split()) - logging.info("Removed labeled key %s" % (ssh_fp[:3] + ssh_fp[-1:])) - removed.append(line) - else: - update_lines.append(line) - write_keyfile(update_lines, "w") - return removed + """ + Remove keys from the output file, if they were inserted by this tool + """ + # Only remove keys labeled with our comment string + comment_string = "# ssh-import-id %s:%s\n" % (proto, username) + update_lines = [] + removed = [] + for line in read_keyfile(): + if line.endswith(comment_string): + ssh_fp = key_fingerprint(line.split()) + logging.info("Removed labeled key %s", ssh_fp[:3] + ssh_fp[-1:]) + removed.append(line) + else: + update_lines.append(line) + write_keyfile(update_lines, "w") + return removed def user_agent(extra=""): - """" - Construct a useful user agent string - """ - ssh_import_id = "ssh-import-id/%s" % __version__ - python = "python/%d.%d.%d" % (sys.version_info.major, sys.version_info.minor, sys.version_info.micro) - distro = "/".join(platform.dist()) - uname = "%s/%s/%s" % (os.uname()[0], os.uname()[2], os.uname()[4]) - return "%s %s %s %s %s" % (ssh_import_id, python, distro, uname, extra) + """" + Construct a useful user agent string + """ + ssh_import_id = "ssh-import-id/%s" % VERSION + python = "python/%d.%d.%d" % ( + sys.version_info.major, sys.version_info.minor, sys.version_info.micro) + # pylint: disable=deprecated-method + distro = "/".join(platform.dist()) + uname = "%s/%s/%s" % (os.uname()[0], os.uname()[2], os.uname()[4]) + return "%s %s %s %s %s" % (ssh_import_id, python, distro, uname, extra) def fetch_keys_lp(lpid, useragent): - try: - url = os.getenv("URL", None) - if url is None and os.path.exists("/etc/ssh/ssh_import_id"): - try: - conf = json.loads(open("/etc/ssh/ssh_import_id").read()) - url = conf.get("URL", None) % (quote_plus(lpid)) - except: - raise Exception("Ensure that URL is defined in [/etc/ssh/ssh_import_id] is in JSON syntax") - elif url is not None: - url = url % (quote_plus(lpid)) - # Finally, fall back to Launchpad - if url is None: - url = "https://launchpad.net/~%s/+sshkeys" % (quote_plus(lpid)) - headers = {'User-Agent': user_agent(useragent)} - text = requests.get(url, verify=True, headers=headers).text - keys = str(text) - except (Exception,): - e = sys.exc_info()[1] - sys.stderr.write("ERROR: %s\n" % (str(e))) - os._exit(1) - return keys + conf_file = "/etc/ssh/ssh_import_id" + try: + url = os.getenv("URL", None) + if url is None and os.path.exists(conf_file): + try: + contents = open(conf_file).read() + except OSError: + raise Exception("Failed to read %s" % conf_file) + + try: + conf = json.loads(contents) + except JSONDecodeError: + raise Exception( + "File %s did not have valid JSON." % conf_file) + url = conf.get("URL", None) % (quote_plus(lpid)) + elif url is not None: + url = url % (quote_plus(lpid)) + # Finally, fall back to Launchpad + if url is None: + url = "https://launchpad.net/~%s/+sshkeys" % (quote_plus(lpid)) + headers = {'User-Agent': user_agent(useragent)} + + response = requests.get(url, verify=True, headers=headers) + if response.status_code != 200: + msg = 'Requesting Launchpad keys failed.' + if response.status_code == 404: + msg = 'Launchpad user not found.' + die(msg + " status_code=%d user=%s" % (response.status_code, lpid)) + + keys = str(response.text) + # pylint: disable=broad-except + except Exception as e: + die(str(e)) + return keys def fetch_keys_gh(ghid, useragent): - x_ratelimit_remaining = 'x-ratelimit-remaining' - help_url = 'https://developer.github.com/v3/#rate-limiting' - keys = "" - try: - url = "https://api.github.com/users/%s/keys" % (quote_plus(ghid)) - headers = {'User-Agent': user_agent()} - resp = requests.get(url, headers=headers, verify=True) - text = resp.text - data = json.loads(text) - if resp.status_code == 404: - print('Username "%s" not found at GitHub API' % ghid) - os._exit(1) - if x_ratelimit_remaining in resp.headers and int(resp.headers[x_ratelimit_remaining]) == 0: - print('GitHub REST API rate-limited this IP address. See %s' % help_url) - os._exit(1) - for keyobj in data: - keys += "%s %s@github/%s\n" % (keyobj['key'], ghid, keyobj['id']) - except (Exception,): - e = sys.exc_info()[1] - sys.stderr.write("ERROR: %s\n" % (str(e))) - os._exit(1) - return keys + x_ratelimit_remaining = 'x-ratelimit-remaining' + help_url = 'https://developer.github.com/v3/#rate-limiting' + keys = "" + try: + url = "https://api.github.com/users/%s/keys" % (quote_plus(ghid)) + headers = {'User-Agent': user_agent(useragent)} + resp = requests.get(url, headers=headers, verify=True) + text = resp.text + data = json.loads(text) + if resp.status_code != 200: + msg = 'Requesting GitHub keys failed.' + if resp.status_code == 404: + msg = 'Username "%s" not found at GitHub API.' % ghid + elif resp.headers.get(x_ratelimit_remaining) == "0": + msg = ('GitHub REST API rate-limited this IP address. See %s .' + % help_url) + die(msg + " status_code=%d user=%s" % (resp.status_code, ghid)) + for keyobj in data: + keys += "%s %s@github/%s\n" % (keyobj['key'], ghid, keyobj['id']) + # pylint: disable=broad-except + except Exception as e: + die(str(e)) + return keys + + +def main(): + errors = [] + try: + os.umask(0o177) + parser.options = parser.parse_args() + keys = [] + for userid in parser.options.userids: + user_pieces = userid.split(':') + if len(user_pieces) == 2: + proto, username = user_pieces + elif len(user_pieces) == 1: + proto, username = DEFAULT_PROTO, userid + else: + die("Invalid user ID: [%s]" % (userid)) + if parser.options.remove: + changes = remove_keys(proto, username) + keys.extend(changes) + action = "Removed" + else: + changes = import_keys( + proto, username, parser.options.useragent) + keys.extend(changes) + action = "Authorized" + if not changes: + errors.append(userid) + logging.info("[%d] SSH keys [%s]", len(keys), action) + # pylint: disable=broad-except + except Exception as e: + die(str(e)) + cleanup() + if errors: + die("No matching keys found for [%s]" % ','.join(errors)) + sys.exit(0) diff -Nru ssh-import-id-5.7/ssh_import_id/__main__.py ssh-import-id-5.7-24-g4001a38e/ssh_import_id/__main__.py --- ssh-import-id-5.7/ssh_import_id/__main__.py 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id/__main__.py 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,21 @@ +# ssh-import-id - Authorize SSH public keys from trusted online identities +# +# Copyright (c) 2013 Casey Marshall +# Copyright (c) 2013-16 Dustin Kirkland +# +# ssh-import-id is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, version 3. +# +# ssh-import-id is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with ssh-import-id. If not, see . + +from ssh_import_id import main + +if __name__ == '__main__': + main() Binary files /tmp/tmpUWVduY/bapwB3kVtY/ssh-import-id-5.7/ssh_import_id/__pycache__/__init__.cpython-35.pyc and /tmp/tmpUWVduY/puc5RXfdie/ssh-import-id-5.7-24-g4001a38e/ssh_import_id/__pycache__/__init__.cpython-35.pyc differ diff -Nru ssh-import-id-5.7/ssh_import_id/version.py ssh-import-id-5.7-24-g4001a38e/ssh_import_id/version.py --- ssh-import-id-5.7/ssh_import_id/version.py 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id/version.py 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,11 @@ +# This file is part of ssh-import-id. See LICENSE file for more info. + +_LAST_RELEASE = "5.7" +_PACKAGED_VERSION = '@@PACKAGED_VERSION@@' + +VERSION = _LAST_RELEASE + +if not _PACKAGED_VERSION.startswith("@@"): + VERSION = _PACKAGED_VERSION + +# vi: ts=4 expandtab syntax=python diff -Nru ssh-import-id-5.7/ssh_import_id.egg-info/dependency_links.txt ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/dependency_links.txt --- ssh-import-id-5.7/ssh_import_id.egg-info/dependency_links.txt 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/dependency_links.txt 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ - diff -Nru ssh-import-id-5.7/ssh_import_id.egg-info/PKG-INFO ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/PKG-INFO --- ssh-import-id-5.7/ssh_import_id.egg-info/PKG-INFO 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/PKG-INFO 1970-01-01 00:00:00.000000000 +0000 @@ -1,81 +0,0 @@ -Metadata-Version: 1.0 -Name: ssh-import-id -Version: 5.7 -Summary: Authorize SSH public keys from trusted online identities -Home-page: https://launchpad.net/ssh-import-id -Author: Dustin Kirkland, Casey Marshall -Author-email: dustin.kirkland@gmail.com, casey.marshall@gmail.com -License: GPLv3 -Description: - ssh-import-id - =========== - - You're logged onto a cloud instance working on a problem with your fellow devs, and you want to invite them to log in and take a look at these crazy log messages. What do? - - Oh. You have to ask them to cat their public SSH key, paste it into IRC (wait, no, it's id\_rsa.pub, not id\_rsa silly!) then you copy it and cat it to the end of authorized\_hosts. - - That's where ssh-import-id comes in. With ssh-import-id, you can add the public SSH keys from a known, trusted online identity to grant SSH access. - - Currently supported identities include Github and Launchpad. - - Usage - ----- - - ssh-import-id uses short prefix to indicate the location of the online identity. For now, these are: - - 'gh:' for Github - 'lp:' for Launchpad - - Command line help: - - usage: ssh-import-id [-h] [-o FILE] USERID [USERID ...] - - Authorize SSH public keys from trusted online identities. - - positional arguments: - USERID User IDs to import - - optional arguments: - -h, --help show this help message and exit - -o FILE, --output FILE - Write output to file (default ~/.ssh/authorized_keys) - - Example - ------- - - If you wanted me to be able to ssh into your server, as the desired user on that machine you would use: - - $ ssh-import-id gh:cmars - - You can also import multiple users on the same line, even from different key services, like so: - - $ ssh-import-id gh:cmars lp:kirkland - - Used with care, it's a great collaboration tool! - - Installing - ---------- - - ssh-import-id can be installed on Python >= 2.6 with a recent version of pip: - - $ pip install ssh-import-id - - ssh-import-id requires a recent version of Requests (>=1.1.0) for verified SSL/TLS connections. - - Extending - --------- - - You can add support for your own SSH public key providers by creating a script named ssh-import-id-*prefix*. Make the script executable and place it in the same bin directory as ssh-import-id. - - The script should accept the identity username for the service it connects to, and output lines in the same format as an ~/.ssh/authorized\_keys file. - - If you do develop such a handler, I recommend that you connect to the service with SSL/TLS, and require a valid certificate and matching hostname. Use Requests.get(url, verify=True), for example. - - Credits - ------- - - This project is authored and maintained by Dustin Kirkland, Scott Moser, and Casey Marshall. - - -Keywords: ssh public key -Platform: any diff -Nru ssh-import-id-5.7/ssh_import_id.egg-info/requires.txt ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/requires.txt --- ssh-import-id-5.7/ssh_import_id.egg-info/requires.txt 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/requires.txt 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -Requests>=1.1.0 diff -Nru ssh-import-id-5.7/ssh_import_id.egg-info/SOURCES.txt ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/SOURCES.txt --- ssh-import-id-5.7/ssh_import_id.egg-info/SOURCES.txt 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/SOURCES.txt 1970-01-01 00:00:00.000000000 +0000 @@ -1,11 +0,0 @@ -README -setup.py -ssh_import_id/__init__.py -ssh_import_id.egg-info/PKG-INFO -ssh_import_id.egg-info/SOURCES.txt -ssh_import_id.egg-info/dependency_links.txt -ssh_import_id.egg-info/requires.txt -ssh_import_id.egg-info/top_level.txt -usr/bin/ssh-import-id -usr/bin/ssh-import-id-gh -usr/bin/ssh-import-id-lp \ No newline at end of file diff -Nru ssh-import-id-5.7/ssh_import_id.egg-info/top_level.txt ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/top_level.txt --- ssh-import-id-5.7/ssh_import_id.egg-info/top_level.txt 2018-05-11 19:15:15.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/ssh_import_id.egg-info/top_level.txt 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -ssh_import_id diff -Nru ssh-import-id-5.7/tools/build-deb ssh-import-id-5.7-24-g4001a38e/tools/build-deb --- ssh-import-id-5.7/tools/build-deb 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/tools/build-deb 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,120 @@ +#!/bin/sh +# This file is part of ssh-import-id. See LICENSE file for more info. + +set -e + +TEMP_D="" +UNCOMMITTED=${UNCOMMITTED:-0} +RELEASE=${RELEASE:-UNRELEASED} + +fail() { echo "$@" 1>&2; exit 1; } +cleanup() { + [ -z "$TEMP_D" ] || rm -Rf "$TEMP_D" +} + +if [ "$1" = "-h" -o "$1" = "--help" ]; then + cat <&2 +fi + +TEMP_D=$(mktemp -d "${TMPDIR:-/tmp}/${bname}.XXXXXX") + +trap cleanup EXIT + +echo "building version ${uver}, debian_ver=${clogver_debian}" + +dir="${sourcename}-$uver" +tarball="${sourcename}_$uver.orig.tar.gz" + +myd=$(dirname "$0") +"$myd/make-tarball" --output="$TEMP_D/$tarball" --long "$ref" +echo "created ${tarball}" + +cd "${TEMP_D}" +tar xzf "$tarball" || fail "failed extract tarball" + +if [ ! -d "$dir" ]; then + # make-tarball will create the directory name based on the + # contents of debian/changelog.trunk in the version provided. + # if that differs from what is here, then user has changes. + for d in ${sourcename}*; do + [ -d "$d" ] && break + done + if [ -d "$d" ]; then + { + echo "WARNING: git at '${uver}' had different version" + echo " in debian/changelog.trunk than your tree. version there" + echo " is '$d' working directory had $uver" + } 1>&2 + dir=$d + else + echo "did not find a directory created by make-tarball. sorry." 1>&2 + exit + fi +fi +cd "$dir" || fail "failed cd $dir" + +# move files ending in .trunk to name without .trunk +# ie, this copies debian/changelog.trunk to debian/changelog +for f in debian/*.trunk; do + mv "$f" "${f%.trunk}" +done + +# first line of debian/changelog looks like +# curtin () UNRELEASED; urgency=low +# fix the version and UNRELEASED +sed -i -e "1s,([^)]*),(${clogver_new})," \ + -e "1s,UNRELEASED,${RELEASE}," debian/changelog || + fail "failed to write debian/changelog" +debuild "$@" || fail "debuild failed" + +cd "$TEMP_D" +for f in *; do + [ -f "$f" ] || continue + cp "$f" "$start_d" || fail "failed copy $f" + echo "wrote $f" +done +exit + +# vi: ts=4 expandtab syntax=sh diff -Nru ssh-import-id-5.7/tools/make-tarball ssh-import-id-5.7-24-g4001a38e/tools/make-tarball --- ssh-import-id-5.7/tools/make-tarball 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/tools/make-tarball 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,65 @@ +#!/bin/sh +set -e + +TEMP_D="" +cleanup() { + [ -z "$TEMP_D" ] || rm -Rf "${TEMP_D}" +} +trap cleanup EXIT + +Usage() { + cat <&2; exit 1; } + +long_opt="" +while [ $# -ne 0 ]; do + cur=$1; next=$2 + case "$cur" in + -o|--output) output=$next; shift;; + --long) long_opt="--long";; + --) shift; break;; + esac + shift; +done + +rev=${1:-HEAD} +version=$(git describe \ + --exclude "*-0ubuntu1" \ + --abbrev=8 "--match=[0-9]*" ${long_opt} $rev) + +archive_base="ssh-import-id-$version" +if [ -z "$output" ]; then + output="$archive_base.tar.gz" +fi + +# when building an archiving from HEAD, ensure that there aren't any +# uncomitted changes in the working directory (because these would not +# end up in the archive). +if [ "$rev" = HEAD ] && ! git diff-index --quiet HEAD --; then + if [ -z "$SKIP_UNCOMITTED_CHANGES_CHECK" ]; then + echo "ERROR: There are uncommitted changes in your working directory." >&2 + exit 1 + else + echo "WARNING: There are uncommitted changes in your working directory." >&2 + echo " This changes will not be included in the archive." >&2 + fi +fi + +TEMP_D=$(mktemp -d) +tar=${output##*/} +tar="$TEMP_D/${tar%.gz}" +git archive --format=tar --prefix="$archive_base/" "$rev" > "$tar" +gzip -9 -c "$tar" > "$output" +echo "$output" diff -Nru ssh-import-id-5.7/tox.ini ssh-import-id-5.7-24-g4001a38e/tox.ini --- ssh-import-id-5.7/tox.ini 1970-01-01 00:00:00.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/tox.ini 2018-05-11 18:53:40.000000000 +0000 @@ -0,0 +1,16 @@ +[tox] +envlist = pycodestyle, pylint +recreate = True + +[testenv:pycodestyle] +basepython = python3 +deps = + pycodestyle==2.4.0 +commands = {envpython} -m pycodestyle {posargs:ssh_import_id/} + +[testenv:pylint] +basepython = python3 +deps = + pylint==1.8.1 +commands = {envpython} -m pylint --output-format=parseable \ + {posargs:ssh_import_id/} diff -Nru ssh-import-id-5.7/usr/bin/ssh-import-id ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id --- ssh-import-id-5.7/usr/bin/ssh-import-id 2016-09-16 15:13:35.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id 1970-01-01 00:00:00.000000000 +0000 @@ -1,61 +0,0 @@ -#!/usr/bin/env python3 -# -# ssh-import-id - Authorize SSH public keys from trusted online identities -# -# Copyright (c) 2013 Casey Marshall -# Copyright (c) 2013-16 Dustin Kirkland -# -# ssh-import-id is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, version 3. -# -# ssh-import-id is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with ssh-import-id. If not, see . - - -import argparse -import sys -from ssh_import_id import * - - -def main(): - errors = [] - try: - os.umask(0o177) - parser.options = parser.parse_args() - keys = [] - for userid in parser.options.userids: - user_pieces = userid.split(':') - if len(user_pieces) == 2: - proto, username = user_pieces - elif len(user_pieces) == 1: - proto, username = DEFAULT_PROTO, userid - else: - die("Invalid user ID: [%s]" % (userid)) - if parser.options.remove: - k = remove_keys(proto, username) - keys.extend(k) - action = "Removed" - else: - k = import_keys(proto, username, parser.options.useragent) - keys.extend(k) - action = "Authorized" - if len(k) == 0: - errors.append(userid) - logging.info("[%d] SSH keys [%s]" % (len(keys), action)) - except (Exception,): - e = sys.exc_info()[1] - die("%s" % (str(e))) - cleanup() - if len(errors) > 0: - die("No matching keys found for [%s]" % ','.join(errors)) - os._exit(0) - - -if __name__ == '__main__': - main() diff -Nru ssh-import-id-5.7/usr/bin/ssh-import-id-gh ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id-gh --- ssh-import-id-5.7/usr/bin/ssh-import-id-gh 2016-01-30 05:11:11.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id-gh 2018-05-11 18:53:40.000000000 +0000 @@ -19,5 +19,5 @@ set -e for i in $@; do - ssh-import-id gh:$i + ssh-import-id gh:$i done diff -Nru ssh-import-id-5.7/usr/bin/ssh-import-id-lp ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id-lp --- ssh-import-id-5.7/usr/bin/ssh-import-id-lp 2016-01-30 05:11:25.000000000 +0000 +++ ssh-import-id-5.7-24-g4001a38e/usr/bin/ssh-import-id-lp 2018-05-11 18:53:40.000000000 +0000 @@ -19,5 +19,5 @@ set -e for i in $@; do - ssh-import-id lp:$i + ssh-import-id lp:$i done