cause tes to parse the certs to get the username rather than hardcoding it to chines :-P

aa6b4259 · Chris Hines · 019d1d93 · aa6b4259 · aa6b4259
Commit aa6b4259 authored 6 years ago by Chris Hines
--- a/tes/apiendpoints.py
+++ b/tes/apiendpoints.py
@@ -74,12 +74,23 @@ class AddKey(Resource):
        sshsess.refresh()
        return "OK"

+    def get(self):
+        from .localtunnelstat import SSHSession
+        sshsess = SSHSession.get_sshsession()
+        return sshsess.get_principals_and_hosts()
+
 def get_conn_params():
    """
    Return parameters relating to the backend compute service
    Retrieve them from the session (ideally)
    """
-    return get_m3_params()
+    params =  get_m3_params()
+    # Default assume there is only one certificate with one principal available
+    sshsess = SSHSession.get_sshsession()
+    certs = sshsess.get_cert_contents()
+    params['user'] = certs[0]['Principals'][0]
+    return params
+    

 def get_m3_params():
    """
@@ -89,7 +100,7 @@ def get_m3_params():
    """
    params = {}
    params['host'] = 'm3.massive.org.au'
-    params['user'] = 'chines'
+    #params['user'] = 'chines'
    params['cancelcmd'] = 'scancel {jobid}'
    params['statcmd'] = '/home/chines/jsonstat.py'
    params['submitcmd'] = 'sbatch --partition=m3f'

--- a/tes/localtunnelstat/__init__.py
+++ b/tes/localtunnelstat/__init__.py
@@ -21,12 +21,13 @@ class SSHSession:
        self.pids = []
        self.authtok = None
        self.__dict__.update(kwargs)
-        self.sshagent = ['ssh-agent']
-        self.sshadd = ['ssh-add']
+        self.sshagent = 'ssh-agent'
+        self.sshadd = 'ssh-add'
+        self.sshkeygen = 'ssh-keygen'

    def start_agent(self):
        import subprocess
-        p = subprocess.Popen(self.sshagent,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
+        p = subprocess.Popen([self.sshagent],stdout=subprocess.PIPE,stderr=subprocess.PIPE)
        (stdout,stderr) = p.communicate()
        for l in stdout.decode().split(';'):
            if 'SSH_AUTH_SOCK=' in l:
@@ -51,7 +52,7 @@ class SSHSession:
        certf.close()
        env = os.environ.copy()
        env['SSH_AUTH_SOCK'] = self.socket
-        cmd = self.sshadd
+        cmd = [self.sshadd]
        cmd.append(keyname)
        p = subprocess.Popen(cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE,env=env)
        (_,_) = p.communicate()
@@ -60,6 +61,39 @@ class SSHSession:
        os.unlink(keyname+'-cert.pub')
        os.unlink(keyname)

+    def get_cert_contents(self):
+        res=[]
+        env = os.environ.copy()
+        env['SSH_AUTH_SOCK'] = self.socket
+        cmd = [self.sshadd,'-L']
+        p = subprocess.Popen(cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE,env=env)
+        (stdout,stderr) = p.communicate()
+        for l in stdout.decode().splitlines():
+            if 'cert' in l:
+                p = subprocess.Popen([self.sshkeygen,'-L','-f','-'],stdout,subprocess.PIPE,stderr=subprocess.PIPE)
+                keygenout,keygenerr = p.communicate()
+                res.extend(SSHSession.parse_cert_contents(stdout.decode().splitlines()))
+        return res
+
+    @staticmethod
+    def parse_cert_contents(lines):
+        key = None
+        values = []
+        res = {}
+        for l in lines:
+            if ':' in l:
+                if key is not None:
+                    res[key] = values
+                values = []
+                (key,v) = l.split(':')
+                if v is not None:
+                    values = [v]
+            else:
+                values.append(l)
+        return res
+
+
+
    def refresh(self):
        import datetime
        self.last = datetime.datetime.now()