There are too many possible special cases for Ansible to be able to
precheck known_hosts files without introducing all kinds of false
failures.
* Alternative known_hosts paths
* Alternative host name aliases
* ssh host certificates
* SSHFP + DNSSEC
Fixes#24860
ssh-keyscan isn't very verbose about errors. Give the user whatever
information we have available even if it isn't much. At least they will
know how we were running ssh-keyscan and why there's an error now.
Fixes#19440
* Add tests for `get_fqdn_and_port` method.
Currently tests verify original behavior - returning default `ssh-keyscan` port
Add test around `add_host_key` to verify underlying command arguments
Add some new expectations for `get_fqdn_and_port`
Test that non-standard port is passed to `ssh-keyscan` command
* Ensure ssh hostkey checks respect server port
ssh-keyscan will default to getting the host key for port 22.
If the ssh service is running on a different port, ssh-keyscan
will need to know this.
Tidy up minor flake8 issues
* Update known_hosts tests for port being None
Ensure that git urls don't try and set port when a path
is specified
Update known_hosts tests to meet flake8
* Fix stdin swap context for test_known_hosts
Move test_known_hosts from under basic, as it is its own library.
Remove module_utils.known_hosts from pep8 legacy files list
These were mostly saving exceptions but not using them. Getting rid of
those will help with eventually running modules via either python2.4 or
python3.x.
Rewrite function `get_fqdn`. It returns fqdn for all kinds of urls now.
`add_git_host_key` determines whether a url is ssh and whether its host
key should be added.
Previously, the get_fqdn() function in known_hosts.py only worked
with urls that started with git@, and ignored any urls that started
with a normal schema type (ie. http:// or ssh://). This patch corrects
that by using urlparse to parse the hostname portion out of urls that
have a proper schema.
Fixes#7474
* Adds another module utility file which generalizes the
access of urls via the urllib* libraries.
* Adds a new spec generator for common arguments.
* Makes the user-agent string configurable.
Fixes#6211
1. if accept_hostkey is false, no matter if the host key is known or not, it will fail.
2. We don't check for the host key in /etc/ssh/ssh_known_hosts
This fixes both of those issues.
Andreas Olsson
Dag Wieers
Toshio Kuratomi
Will Thames
Matt Clay
Alexey Shabalin
Yannig Perré
Michael Scherer
James Cammarata
Toshio Kuratomi
Desmond O. Chang
Matt Coddington
Casey Fitzpatrick
Matt Bray
Michal Mach
Cristian Ciupitu
Francisco José Marques Vieira
patrickheeney
Michael DeHaan
James Tanner
Rob Smith