Import patches-unapplied version 2.2.6-0ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: d064ab0bffd429382ea4fafeb144784d403848bd

New changelog entries:
  * New upstream release (LP: #1661750).
  * debian/control:
    - Change the maintainer to Ubuntu Developers (LP: #1657528).
    - Add the dependency of isc-dhcp-client as our maintainer scripts assume
      it's installed.
    - Add trailing commas to dependencies, add whitespaces.
  * Rename ephemeral-disk-warning.sh to ephemeral-disk-warning (lintian error).
  * debian/docs:
    - Remove LICENSE.txt as it's redundant.
  * debian/postinst:
    - Stop checking for update-initramfs existence using the absolute path, use
      the 'command' command instead to make lintian happy.
  * Remove debian/patches/disable-auto-update.patch:
    - We now ship with auto-updates enabled (LP: #1650522).
  * debian/maintscript:
    - Add a maintscript to rename the old logrotate file on upgrade from an
      ancient version of walinuxagent (LP: #1673152).

4 files changed, 57 insertions, 35 deletions

diff --git a/azurelinuxagent/common/utils/fileutil.py b/azurelinuxagent/common/utils/fileutil.py
index b0b6fb7..8713d0c 100644
--- a/azurelinuxagent/common/utils/fileutil.py
+++ b/azurelinuxagent/common/utils/fileutil.py
@@ -140,9 +140,9 @@ def update_conf_file(path, line_start, val, chk_err=False):
     if not os.path.isfile(path) and chk_err:
         raise IOError("Can't find config file:{0}".format(path))
     conf = read_file(path).split('\n')
-    conf = [x for x in conf if not x.startswith(line_start)]
+    conf = [x for x in conf if x is not None and len(x) > 0 and not x.startswith(line_start)]
     conf.append(val)
-    write_file(path, '\n'.join(conf))
+    write_file(path, '\n'.join(conf) + '\n')
 
 def search_file(target_dir_name, target_file_name):
     for root, dirs, files in os.walk(target_dir_name):
diff --git a/azurelinuxagent/common/utils/restutil.py b/azurelinuxagent/common/utils/restutil.py
index 7c9ee17..7197370 100644
--- a/azurelinuxagent/common/utils/restutil.py
+++ b/azurelinuxagent/common/utils/restutil.py
@@ -29,6 +29,7 @@ REST api util functions
 """
 
 RETRY_WAITING_INTERVAL = 10
+secure_warning = True
 
 
 def _parse_url(url):
@@ -85,7 +86,7 @@ def _http_request(method, host, rel_uri, port=None, data=None, secure=False,
                                              timeout=10)
             url = rel_uri
 
-    logger.verbose("HTTPConnection [{0}] [{1}] [{2}] [{3}]",
+    logger.verbose("HTTP connection [{0}] [{1}] [{2}] [{3}]",
                    method,
                    url,
                    data,
@@ -104,6 +105,7 @@ def http_request(method, url, data, headers=None, max_retry=3,
     On error, sleep 10 and retry max_retry times.
     """
     host, port, secure, rel_uri = _parse_url(url)
+    global secure_warning
 
     # Check proxy
     proxy_host, proxy_port = (None, None)
@@ -112,24 +114,22 @@ def http_request(method, url, data, headers=None, max_retry=3,
 
     # If httplib module is not built with ssl support. Fallback to http
     if secure and not hasattr(httpclient, "HTTPSConnection"):
-        logger.warn("httplib is not built with ssl support")
         secure = False
+        if secure_warning:
+            logger.warn("httplib is not built with ssl support")
+            secure_warning = False
 
     # If httplib module doesn't support https tunnelling. Fallback to http
     if secure and proxy_host is not None and proxy_port is not None \
             and not hasattr(httpclient.HTTPSConnection, "set_tunnel"):
-        logger.warn("httplib does not support https tunnelling "
-                    "(new in python 2.7)")
         secure = False
+        if secure_warning:
+            logger.warn("httplib does not support https tunnelling "
+                        "(new in python 2.7)")
+            secure_warning = False
 
-    logger.verbose("HTTP method: [{0}]", method)
-    logger.verbose("HTTP host: [{0}]", host)
-    logger.verbose("HTTP uri: [{0}]", rel_uri)
-    logger.verbose("HTTP port: [{0}]", port)
-    logger.verbose("HTTP data: [{0}]", data)
-    logger.verbose("HTTP secure: [{0}]", secure)
-    logger.verbose("HTTP headers: [{0}]", headers)
-    logger.verbose("HTTP proxy: [{0}:{1}]", proxy_host, proxy_port)
+    if proxy_host or proxy_port:
+        logger.verbose("HTTP proxy: [{0}:{1}]", proxy_host, proxy_port)
 
     retry_msg = ''
     log_msg = "HTTP {0}".format(method)
@@ -152,8 +152,14 @@ def http_request(method, url, data, headers=None, max_retry=3,
             retry_interval = 5
         except IOError as e:
             retry_msg = 'IO error: {0} {1}'.format(log_msg, e)
-            retry_interval = 0
-            max_retry = 0
+            # error 101: network unreachable; when the adapter resets we may
+            # see this transient error for a short time, retry once.
+            if e.errno == 101:
+                retry_interval = RETRY_WAITING_INTERVAL
+                max_retry = 1
+            else:
+                retry_interval = 0
+                max_retry = 0
 
         if retry < max_retry:
             logger.info("Retry [{0}/{1} - {3}]",
diff --git a/azurelinuxagent/common/utils/shellutil.py b/azurelinuxagent/common/utils/shellutil.py
index d273c92..4efcbc4 100644
--- a/azurelinuxagent/common/utils/shellutil.py
+++ b/azurelinuxagent/common/utils/shellutil.py
@@ -17,13 +17,11 @@
 # Requires Python 2.4+ and Openssl 1.0+
 #
 
-import platform
-import os
 import subprocess
-from azurelinuxagent.common.future import ustr
 import azurelinuxagent.common.logger as logger
+from azurelinuxagent.common.future import ustr
 
-if not hasattr(subprocess,'check_output'):
+if not hasattr(subprocess, 'check_output'):
     def check_output(*popenargs, **kwargs):
         r"""Backport from subprocess module from python 2.7"""
         if 'stdout' in kwargs:
@@ -39,51 +37,58 @@ if not hasattr(subprocess,'check_output'):
             raise subprocess.CalledProcessError(retcode, cmd, output=output)
         return output
 
+
     # Exception classes used by this module.
     class CalledProcessError(Exception):
         def __init__(self, returncode, cmd, output=None):
             self.returncode = returncode
             self.cmd = cmd
             self.output = output
+
         def __str__(self):
             return ("Command '{0}' returned non-zero exit status {1}"
                     "").format(self.cmd, self.returncode)
 
-    subprocess.check_output=check_output
-    subprocess.CalledProcessError=CalledProcessError
 
+    subprocess.check_output = check_output
+    subprocess.CalledProcessError = CalledProcessError
 
 """
 Shell command util functions
 """
+
+
 def run(cmd, chk_err=True):
     """
     Calls run_get_output on 'cmd', returning only the return code.
     If chk_err=True then errors will be reported in the log.
     If chk_err=False then errors will be suppressed from the log.
     """
-    retcode,out=run_get_output(cmd,chk_err)
+    retcode, out = run_get_output(cmd, chk_err)
     return retcode
 
+
 def run_get_output(cmd, chk_err=True, log_cmd=True):
     """
     Wrapper for subprocess.check_output.
-    Execute 'cmd'.  Returns return code and STDOUT, trapping expected exceptions.
+    Execute 'cmd'.  Returns return code and STDOUT, trapping expected
+    exceptions.
     Reports exceptions to Error if chk_err parameter is True
     """
     if log_cmd:
         logger.verbose(u"run cmd '{0}'", cmd)
     try:
-        output=subprocess.check_output(cmd,stderr=subprocess.STDOUT,shell=True)
+        output = subprocess.check_output(cmd, stderr=subprocess.STDOUT,
+                                         shell=True)
         output = ustr(output, encoding='utf-8', errors="backslashreplace")
-    except subprocess.CalledProcessError as e :
+    except subprocess.CalledProcessError as e:
         output = ustr(e.output, encoding='utf-8', errors="backslashreplace")
         if chk_err:
             if log_cmd:
                 logger.error(u"run cmd '{0}' failed", e.cmd)
             logger.error(u"Error Code:{0}", e.returncode)
             logger.error(u"Result:{0}", output)
-        return e.returncode, output 
+        return e.returncode, output
     return 0, output
 
 
@@ -103,5 +108,4 @@ def quote(word_list):
 
     return " ".join(list("'{0}'".format(s.replace("'", "'\\''")) for s in word_list))
 
-
 # End shell command util functions
diff --git a/azurelinuxagent/common/utils/textutil.py b/azurelinuxagent/common/utils/textutil.py
index 59b8fe7..2d99f6f 100644
--- a/azurelinuxagent/common/utils/textutil.py
+++ b/azurelinuxagent/common/utils/textutil.py
@@ -221,15 +221,24 @@ def hexstr_to_bytearray(a):
 
 
 def set_ssh_config(config, name, val):
-    notfound = True
+    found = False
+    no_match = -1
+
+    match_start = no_match
     for i in range(0, len(config)):
-        if config[i].startswith(name):
+        if config[i].startswith(name) and match_start == no_match:
             config[i] = "{0} {1}".format(name, val)
-            notfound = False
-        elif config[i].startswith("Match"):
-            # Match block must be put in the end of sshd config
-            break
-    if notfound:
+            found = True
+        elif config[i].lower().startswith("match"):
+            if config[i].lower().startswith("match all"):
+                # outside match block
+                match_start = no_match
+            elif match_start == no_match:
+                # inside match block
+                match_start = i
+    if not found:
+        if match_start != no_match:
+            i = match_start
         config.insert(i, "{0} {1}".format(name, val))
     return config
 
@@ -267,6 +276,9 @@ def gen_password_hash(password, crypt_id, salt_len):
     collection = string.ascii_letters + string.digits
     salt = ''.join(random.choice(collection) for _ in range(salt_len))
     salt = "${0}${1}".format(crypt_id, salt)
+    if sys.version_info[0] == 2:
+        # if python 2.*, encode to type 'str' to prevent Unicode Encode Error from crypt.crypt
+        password = password.encode('utf-8')
     return crypt.crypt(password, salt)