From 9aa76cf9ceab6e5f0e19ae4009728870f92260af Mon Sep 17 00:00:00 2001
From: David Wilson <dw@botanicus.net>
Date: Tue, 30 Oct 2018 11:20:32 +0000
Subject: [PATCH 1/3] tests: better Docker test key comment.

---
 tests/data/docker/mitogen__has_sudo_pubkey.key.pub | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/data/docker/mitogen__has_sudo_pubkey.key.pub b/tests/data/docker/mitogen__has_sudo_pubkey.key.pub
index 245ce379e..b132d993c 100644
--- a/tests/data/docker/mitogen__has_sudo_pubkey.key.pub
+++ b/tests/data/docker/mitogen__has_sudo_pubkey.key.pub
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkMz7vE4piReKXBNarhGhzfMr6g7capaUHllxThmtm4ndlM3kbiEFvxI9P7s17T50CycfesJf5/1bmLxACROtdMGrgBrCAAGwEy2qnCNPhqrLpd2amoLUkBcthmiaTVmU+eMMHm8ubxh0qEauXOaaVqXTGcK1bGMsufLYGr0lv5RE2AErg9jPYkh6qT0CpxGtRmfbYubFAIunP5gxHgiOQrD7Yzs2NFDqPq9rRuvRMGX/XLpDurFm9x16LTx1fDSU1aqmu88QMJtXoMyPlHCqd5x/FdZ1KorR79LB+H/cptB1/ND1geZv5OAD8ydCc3nNGi8hiyPobb6jOX68agXyX dmw@Eldil.local
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkMz7vE4piReKXBNarhGhzfMr6g7capaUHllxThmtm4ndlM3kbiEFvxI9P7s17T50CycfesJf5/1bmLxACROtdMGrgBrCAAGwEy2qnCNPhqrLpd2amoLUkBcthmiaTVmU+eMMHm8ubxh0qEauXOaaVqXTGcK1bGMsufLYGr0lv5RE2AErg9jPYkh6qT0CpxGtRmfbYubFAIunP5gxHgiOQrD7Yzs2NFDqPq9rRuvRMGX/XLpDurFm9x16LTx1fDSU1aqmu88QMJtXoMyPlHCqd5x/FdZ1KorR79LB+H/cptB1/ND1geZv5OAD8ydCc3nNGi8hiyPobb6jOX68agXyX mitogen__has_sudo_pubkey@testdata

From 96f000c5ea1fa3e2330106dbd21fcbf3d6a64a2b Mon Sep 17 00:00:00 2001
From: David Wilson <dw@botanicus.net>
Date: Tue, 30 Oct 2018 14:58:35 +0000
Subject: [PATCH 2/3] ansible: tilde-expand SSH key before passing to SSH;
 closes #334.

---
 ansible_mitogen/connection.py            |  8 +++++++-
 tests/ansible/integration/ssh/all.yml    |  1 +
 tests/ansible/integration/ssh/config.yml | 19 +++++++++++++++++++
 3 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 tests/ansible/integration/ssh/config.yml

diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py
index f2725e9d4..df10884ae 100644
--- a/ansible_mitogen/connection.py
+++ b/ansible_mitogen/connection.py
@@ -92,6 +92,12 @@ def _connect_ssh(spec):
     else:
         check_host_keys = 'ignore'
 
+    # #334: tilde-expand private_key_file to avoid implementation difference
+    # between Python and OpenSSH.
+    private_key_file = spec['private_key_file']
+    if private_key_file is not None:
+        private_key_file = os.path.expanduser(private_key_file)
+
     return {
         'method': 'ssh',
         'kwargs': {
@@ -101,7 +107,7 @@ def _connect_ssh(spec):
             'password': optional_secret(spec['password']),
             'port': spec['port'],
             'python_path': spec['python_path'],
-            'identity_file': spec['private_key_file'],
+            'identity_file': private_key_file,
             'identities_only': False,
             'ssh_path': spec['ssh_executable'],
             'connect_timeout': spec['ansible_ssh_timeout'],
diff --git a/tests/ansible/integration/ssh/all.yml b/tests/ansible/integration/ssh/all.yml
index 2425943aa..a8335ab7d 100644
--- a/tests/ansible/integration/ssh/all.yml
+++ b/tests/ansible/integration/ssh/all.yml
@@ -1,2 +1,3 @@
+- import_playbook: config.yml
 - import_playbook: timeouts.yml
 - import_playbook: variables.yml
diff --git a/tests/ansible/integration/ssh/config.yml b/tests/ansible/integration/ssh/config.yml
new file mode 100644
index 000000000..07ad1c210
--- /dev/null
+++ b/tests/ansible/integration/ssh/config.yml
@@ -0,0 +1,19 @@
+# issue #334: test expanduser() on key file during config generation.
+
+- name: integration/ssh/config.yml
+  hosts: test-targets
+  connection: ssh
+  vars:
+    ansible_private_key_file: ~/fakekey
+  tasks:
+    - meta: end_play
+      when: not is_mitogen
+
+    - mitogen_get_stack:
+      register: out
+
+    - assert:
+        that: |
+          out.result[0].kwargs.identity_file == (
+            lookup('env', 'HOME') + '/fakekey'
+          )

From 766dce9a5952fb0879903f49ec9e343b38835161 Mon Sep 17 00:00:00 2001
From: David Wilson <dw@botanicus.net>
Date: Tue, 30 Oct 2018 15:02:46 +0000
Subject: [PATCH 3/3] docs: update Changelog

---
 docs/changelog.rst | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/docs/changelog.rst b/docs/changelog.rst
index 0d7d9766e..c1fe401e0 100644
--- a/docs/changelog.rst
+++ b/docs/changelog.rst
@@ -36,6 +36,17 @@ Enhancements
 Fixes
 ^^^^^
 
+* `#334 <https://github.com/dw/mitogen/issues/334>`_: the SSH method
+   tilde-expands private key paths using Ansible's logic. Previously Mitogen
+   passed the path unmodified to SSH, which would expand it using
+   :func:`os.getpwent`.
+
+   This differs from :func:`os.path.expanduser`, which prefers the ``HOME``
+   environment variable if it is set, causing behaviour to diverge when Ansible
+   was invoked using sudo without appropriate flags to cause the ``HOME``
+   environment variable to be reset to match the target account.
+
+
 Core Library
 ~~~~~~~~~~~~
 
@@ -68,6 +79,14 @@ Core Library
   :meth:`mitogen.core.Broker.defer_sync` utility function is provided.
 
 
+Thanks!
+~~~~~~~
+
+Mitogen would not be possible without the support of users. A huge thanks for
+bug reports, features and fixes in this release contributed by
+`Guy Knights <https://github.com/knightsg>`_.
+
+
 v0.2.3 (2018-10-23)
 -------------------