Calcul des hash; simplification et migration pour sshfpr

2024-11-22 03:13:12 +00:00 · 2018-07-29 13:46:52 +02:00 · 2018-07-29 13:46:52 +02:00 · fe50f23ea1
commit fe50f23ea1
parent ce0b67209f
2 changed files with 61 additions and 1 deletions
--- a/machines/migrations/0084_sshfingerprint.py
+++ b/machines/migrations/0084_sshfingerprint.py
@ -0,0 +1,33 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.7 on 2018-07-29 11:39
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+import django.db.models.deletion
+import re2o.mixins
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('machines', '0083_remove_duplicate_rights'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='SshFingerprint',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)),
+                ('algo', models.CharField(choices=[('ssh-rsa', 'ssh-rsa'), ('ssh-ed25519', 'ssh-ed25519'), ('ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp256'), ('ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp384'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521')], max_length=32)),
+                ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)),
+                ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')),
+            ],
+            options={
+                'verbose_name': 'SSH fingerprint',
+                'verbose_name_plural': 'SSH fingerprints',
+                'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),),
+            },
+            bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model),
+        ),
+    ]
--- a/machines/models.py
+++ b/machines/models.py
@ -32,6 +32,8 @@ import re
 from ipaddress import IPv6Address
 from itertools import chain
 from netaddr import mac_bare, EUI, IPSet, IPRange, IPNetwork, IPAddress
+import hashlib
+import base64

 from django.db import models
 from django.db.models.signals import post_save, post_delete
@ -229,6 +231,25 @@ class SshFingerprint(RevMixin, AclMixin, models.Model):
        blank=True
    )

+    @cached_property
+    def algo_id(self):
+        """Return the id of the algorithme for this key"""
+        if "ecdsa" in self.algo:
+            return 3
+        elif "rsa" in self.algo:
+            return 1
+        else:
+            return 2
+
+    @cached_property
+    def hash(self):
+        """Return the hashs for the pub key with correct id
+        cf RFC, 1 is sha1 , 2 sha256"""
+        return {
+            "1" : hashlib.sha1(base64.b64decode(self.pub_key_entry)).hexdigest(),
+            "2" : hashlib.sha256(base64.b64decode(self.pub_key_entry)).hexdigest(),
+        }
+
    class Meta:
        permissions = (
            ("view_sshfingerprint", "Can see an SSH fingerprint"),
@ -246,7 +267,7 @@ class SshFingerprint(RevMixin, AclMixin, models.Model):
        return self.machine.can_delete(user_request, *args, **kwargs)

    def __str__(self):
-        return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment)
+        return str(self.algo) + ' ' + str(self.comment)


 class MachineType(RevMixin, AclMixin, models.Model):
@ -611,6 +632,12 @@ class Extension(RevMixin, AclMixin, models.Model):
            entry += "@               IN  AAAA    " + str(self.origin_v6)
        return entry

+    def get_associated_sshfpr(self):
+        from re2o.utils import all_active_assigned_interfaces
+        return (all_active_assigned_interfaces()
+                .filter(type__ip_type__extension=self)
+                .filter(machine))
+
    def get_associated_a_records(self):
        from re2o.utils import all_active_assigned_interfaces
        return (all_active_assigned_interfaces()