| Index: utils/ssh/authorisedkeys.go |
| === modified file 'utils/ssh/authorisedkeys.go' |
| --- utils/ssh/authorisedkeys.go 2014-01-30 06:08:57 +0000 |
| +++ utils/ssh/authorisedkeys.go 2014-02-12 18:18:40 +0000 |
| @@ -17,6 +17,7 @@ |
| "code.google.com/p/go.crypto/ssh" |
| "github.com/loggo/loggo" |
| + "launchpad.net/errgo/errors" |
| "launchpad.net/juju-core/utils" |
| ) |
| @@ -45,7 +46,7 @@ |
| func ParseAuthorisedKey(line string) (*AuthorisedKey, error) { |
| key, comment, _, _, ok := ssh.ParseAuthorizedKey([]byte(line)) |
| if !ok { |
| - return nil, fmt.Errorf("invalid authorized_key %q", line) |
| + return nil, errors.Newf("invalid authorized_key %q", line) |
| } |
| keyBytes := ssh.MarshalPublicKey(key) |
| return &AuthorisedKey{ |
| @@ -75,7 +76,7 @@ |
| keyDir := fmt.Sprintf(authKeysDir, username) |
| sshKeyFile, err := utils.NormalizePath(filepath.Join(keyDir, authKeysFile)) |
| if err != nil { |
| - return nil, err |
| + return nil, wrap(err) |
| } |
| logger.Debugf("reading authorised keys file %s", sshKeyFile) |
| keyData, err := ioutil.ReadFile(sshKeyFile) |
| @@ -83,7 +84,7 @@ |
| return []string{}, nil |
| } |
| if err != nil { |
| - return nil, fmt.Errorf("reading ssh authorised keys file: %v", err) |
| + return nil, errors.Wrapf(err, "reading ssh authorised keys file") |
| } |
| var keys []string |
| for _, key := range strings.Split(string(keyData), "\n") { |
| @@ -99,11 +100,11 @@ |
| keyDir := fmt.Sprintf(authKeysDir, username) |
| keyDir, err := utils.NormalizePath(keyDir) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| err = os.MkdirAll(keyDir, os.FileMode(0755)) |
| if err != nil { |
| - return fmt.Errorf("cannot create ssh key directory: %v", err) |
| + return errors.Wrapf(err, "cannot create ssh key directory") |
| } |
| keyData := strings.Join(keys, "\n") + "\n" |
| @@ -117,13 +118,13 @@ |
| // Write the data to a temp file |
| tempDir, err := ioutil.TempDir(keyDir, "") |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| tempFile := filepath.Join(tempDir, "newkeyfile") |
| defer os.RemoveAll(tempDir) |
| err = ioutil.WriteFile(tempFile, []byte(keyData), perms) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| // Rename temp file to the final location and ensure its owner |
| @@ -140,20 +141,21 @@ |
| u, err = user.Lookup(username) |
| } |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| + |
| // chown requires ints but user.User has strings for windows. |
| uid, err := strconv.Atoi(u.Uid) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| gid, err := strconv.Atoi(u.Gid) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| err = os.Chown(tempFile, uid, gid) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| } |
| return os.Rename(tempFile, sshKeyFile) |
| @@ -171,15 +173,15 @@ |
| defer mutex.Unlock() |
| existingKeys, err := readAuthorisedKeys(user) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| for _, newKey := range newKeys { |
| fingerprint, comment, err := KeyFingerprint(newKey) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| if comment == "" { |
| - return fmt.Errorf("cannot add ssh key without comment") |
| + return errors.Newf("cannot add ssh key without comment") |
| } |
| for _, key := range existingKeys { |
| existingFingerprint, existingComment, err := KeyFingerprint(key) |
| @@ -191,10 +193,10 @@ |
| continue |
| } |
| if existingFingerprint == fingerprint { |
| - return fmt.Errorf("cannot add duplicate ssh key: %v", fingerprint) |
| + return errors.Newf("cannot add duplicate ssh key: %v", fingerprint) |
| } |
| if existingComment == comment { |
| - return fmt.Errorf("cannot add ssh key with duplicate comment: %v", comment) |
| + return errors.Newf("cannot add ssh key with duplicate comment: %v", comment) |
| } |
| } |
| } |
| @@ -210,8 +212,9 @@ |
| defer mutex.Unlock() |
| existingKeyData, err := readAuthorisedKeys(user) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| + |
| // Build up a map of keys indexed by fingerprint, and fingerprints indexed by comment |
| // so we can easily get the key represented by each keyId, which may be either a fingerprint |
| // or comment. |
| @@ -239,7 +242,7 @@ |
| fingerprint, ok = keyComments[keyId] |
| } |
| if !ok { |
| - return fmt.Errorf("cannot delete non existent key: %v", keyId) |
| + return errors.Newf("cannot delete non existent key: %v", keyId) |
| } |
| delete(sshKeys, fingerprint) |
| } |
| @@ -247,7 +250,7 @@ |
| keysToWrite = append(keysToWrite, key) |
| } |
| if len(keysToWrite) == 0 { |
| - return fmt.Errorf("cannot delete all keys") |
| + return errors.Newf("cannot delete all keys") |
| } |
| return writeAuthorisedKeys(user, keysToWrite) |
| } |
| @@ -261,7 +264,7 @@ |
| existingKeyData, err := readAuthorisedKeys(user) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| var existingNonKeyLines []string |
| for _, line := range existingKeyData { |
| @@ -273,10 +276,10 @@ |
| for _, newKey := range newKeys { |
| _, comment, err := KeyFingerprint(newKey) |
| if err != nil { |
| - return err |
| + return wrap(err) |
| } |
| if comment == "" { |
| - return fmt.Errorf("cannot add ssh key without comment") |
| + return errors.Newf("cannot add ssh key without comment") |
| } |
| } |
| return writeAuthorisedKeys(user, append(existingNonKeyLines, newKeys...)) |
| @@ -288,7 +291,7 @@ |
| defer mutex.Unlock() |
| keyData, err := readAuthorisedKeys(user) |
| if err != nil { |
| - return nil, err |
| + return nil, wrap(err) |
| } |
| var keys []string |
| for _, key := range keyData { |
