[populate_sshFingerprint] Écriture sur la base ldap dans un context, style plus léger

gestion/gen_confs/populate_sshFingerprint.py

@@ -57,10 +57,11 @@ def ssh_keygen(algo,size):
 	print("Nouvelle clef %s générée" % key_path)
     
 def get_machines():
-    machines=[]
+    filter=""
     for ip in  set(ip4_addresses()):
-        machines.extend(conn.search(u'ipHostNumber=%s' % ip, mode='rw'))
+        filter+=u'(ipHostNumber=%s)' % ip
-    return machines
+    filter = u"(|%s)" % filter
+    return conn.search(filter, mode='rw')
     
 def check_keys_age(key_path,algo):
     age=time.time()-os.path.getmtime(key_path)
@@ -74,21 +75,24 @@ def get_local_keys():
         key_path='/etc/ssh/ssh_host_%s_key.pub' % algo
         if os.path.isfile(key_path):
             check_keys_age(key_path,algo)
-            keys[algo]=open(key_path).read()
+            keys[algo]=unicode(open(key_path).read().strip())
     return keys
     
 def check_keys(keys):
     return dict([ (algo,key.split()[1] == ssh_keyscan('localhost',algo)) for algo,key in keys.items() ])
 
-def publish_keys():
+def valid_keys():
     keys=get_local_keys()
     validation=check_keys(keys)
-    machines=get_machines()
+    return [key for algo,key in keys.items() if validation[algo]]
-    for machine in machines:
+
-        sshkeys_old=[str(key) for key in machine.get('sshFingerprint',[])]
+def publish_keys():
-        sshkeys_new=[key.decode('UTF-8') for algo,key in keys.items() if validation[algo]]
+    keys=valid_keys()
-        if not set(sshkeys_old)==set(sshkeys_new):
+    for machine in get_machines():
-            machine['sshFingerprint']=sshkeys_new
+        with machine:
+            if machine['sshFingerprint'] != keys:
+                print "Key list changed"
+                machine['sshFingerprint'] = keys
                 machine.save()