From c43b94c187e1ba748050f76927f4990f63986b5e Mon Sep 17 00:00:00 2001
From: Valentin Samir
Date: Sat, 1 Mar 2014 00:11:38 +0100
Subject: [PATCH] =?UTF-8?q?[populate=5FsshFingerprint]=20=C3=89criture=20s?= =?UTF-8?q?ur=20la=20base=20ldap=20dans=20un=20context,=20style=20plus=20l?= =?UTF-8?q?=C3=A9ger?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 gestion/gen_confs/populate_sshFingerprint.py | 30 +++++++++++---------
 1 file changed, 17 insertions(+), 13 deletions(-)
diff --git a/gestion/gen_confs/populate_sshFingerprint.py b/gestion/gen_confs/populate_sshFingerprint.py
index 3b32d4b4..b3fb7042 100755
--- a/gestion/gen_confs/populate_sshFingerprint.py
+++ b/gestion/gen_confs/populate_sshFingerprint.py
@@ -57,10 +57,11 @@ def ssh_keygen(algo,size):
 print("Nouvelle clef %s générée" % key_path)
 def get_machines():
- machines=[]
+ filter=""
 for ip in set(ip4_addresses()):
- machines.extend(conn.search(u'ipHostNumber=%s' % ip, mode='rw'))
- return machines
+ filter+=u'(ipHostNumber=%s)' % ip
+ filter = u"(|%s)" % filter
+ return conn.search(filter, mode='rw')
 def check_keys_age(key_path,algo):
 age=time.time()-os.path.getmtime(key_path)
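Review bot: get_machines now sends the filter `(|)` when `ip4_addresses()` returns nothing, where the removed loop simply returned an empty list; an empty OR may be rejected by the LDAP server or the client library, so the script could fail instead of doing nothing. A guard keeps the old behaviour: `ips = set(ip4_addresses())`, `if not ips: return []`, then `return conn.search(u"(|%s)" % u"".join(u"(ipHostNumber=%s)" % ip for ip in ips), mode='rw')`. The local name `filter` also shadows the builtin; `ldap_filter` would avoid that. The addresses are interpolated into the filter unescaped, which is acceptable only while `ip4_addresses()` yields literal addresses; since the result is opened with `mode='rw'`, a comment stating that assumption would help the next reader.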
@@ -74,22 +75,25 @@ def get_local_keys():
 key_path='/etc/ssh/ssh_host_%s_key.pub' % algo
 if os.path.isfile(key_path):
 check_keys_age(key_path,algo)
- keys[algo]=open(key_path).read()
+ keys[algo]=unicode(open(key_path).read().strip())
 return keys
 def check_keys(keys):
 return dict([ (algo,key.split()[1] == ssh_keyscan('localhost',algo)) for algo,key in keys.items() ])
-
-def publish_keys():
+
+def valid_keys():
 keys=get_local_keys()
 validation=check_keys(keys)
- machines=get_machines()
- for machine in machines:
- sshkeys_old=[str(key) for key in machine.get('sshFingerprint',[])]
- sshkeys_new=[key.decode('UTF-8') for algo,key in keys.items() if validation[algo]]
- if not set(sshkeys_old)==set(sshkeys_new):
- machine['sshFingerprint']=sshkeys_new
- machine.save()
+ return [key for algo,key in keys.items() if validation[algo]]
+
+def publish_keys():
+ keys=valid_keys()
+ for machine in get_machines():
+ with machine:
+ if machine['sshFingerprint'] != keys:
+ print "Key list changed"
+ machine['sshFingerprint'] = keys
+ machine.save()
 if __name__ == '__main__' :
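Review bot: The new test `machine['sshFingerprint'] != keys` in publish_keys compares lists, so it depends on value order and on the attribute being present, whereas the removed code compared sets and read the attribute with `machine.get('sshFingerprint',[])`. `valid_keys()` takes its order from `keys.items()` and nothing visible here fixes the order the directory returns, so this may rewrite the entry and print "Key list changed" on every run, which makes a genuine host-key change harder to notice in the output. Consider `if set(machine.get('sshFingerprint',[])) != set(keys):`, converting the stored values first if the attribute objects do not compare equal to plain strings (the old code used `str(key)`). Separately, in get_local_keys (which starts above the hunk) `unicode(open(key_path).read().strip())` decodes as ASCII under Python 2 where the removed code used `.decode('UTF-8')`, so a non-ASCII key comment would raise; `open(key_path).read().strip().decode('UTF-8')` keeps the previous decoding.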