certmaster/certmaster.py certmaster/certs.py certmaster/codes.py certmaster/CommonErrors.py certmaster/config.py certmaster/logger.py certmaster/requester.py certmaster/SSLCommon.py certmaster/SSLConnection.py certmaster/utils.py


 



 certmaster/CommonErrors.py  |    1 
 certmaster/SSLCommon.py     |    1 
 certmaster/SSLConnection.py |    2 -
 certmaster/certmaster.py    |   68 ++++++++++++++++++++++----------------------
 certmaster/certs.py         |   26 ++++++++--------
 certmaster/codes.py         |    1 
 certmaster/config.py        |   36 +++++++++++------------
 certmaster/logger.py        |    4 +-
 certmaster/requester.py     |    8 ++---
 certmaster/utils.py         |   15 ++++-----
 10 files changed, 79 insertions(+), 83 deletions(-)

New commits:
commit d7a437a33c7767917fdc963953a39286a01db696
Author: S.Ã?aÄ?lar Onur <caglar@xxxxxxxxxxxxxxxx>
Date:   Fri Oct 15 15:01:23 2010 -0400

    Whitespace cleanup which includes;
    
    * Change files to use 4-space indents and no hard tab characters.
    * Trim excess spaces and tabs from ends of lines.
    * Remove empty lines at the end of files and ensure the last line ends with a newline.
    
    Generated by http://svn.python.org/projects/python/trunk/Tools/scripts/reindent.py

diff --git a/certmaster/CommonErrors.py b/certmaster/CommonErrors.py
index 437606a..2dfb814 100644
--- a/certmaster/CommonErrors.py
+++ b/certmaster/CommonErrors.py
@@ -67,4 +67,3 @@ class CertMaster_Client_Exception(Exception):
         self.value = value
     def __str__(self):
         return "%s" %(self.value,)
-
diff --git a/certmaster/SSLCommon.py b/certmaster/SSLCommon.py
index e93ff63..5672a7f 100644
--- a/certmaster/SSLCommon.py
+++ b/certmaster/SSLCommon.py
@@ -121,4 +121,3 @@ class HTTPS(httplib.HTTP):
 
     def __init__(self, host='', port=None, ssl_context=None, strict=None, timeout=None):
         self._setup(self._connection_class(host, port, ssl_context, strict, timeout))
-
diff --git a/certmaster/SSLConnection.py b/certmaster/SSLConnection.py
index 93fabb6..4d4c162 100644
--- a/certmaster/SSLConnection.py
+++ b/certmaster/SSLConnection.py
@@ -99,7 +99,7 @@ class SSLConnection:
 
         if hasattr(data, 'tobytes'):
             data = data.tobytes()
-            
+
         starttime = time.time()
         origlen = len(data)
         sent = -1
diff --git a/certmaster/certmaster.py b/certmaster/certmaster.py
index 981efd8..7b133df 100644
--- a/certmaster/certmaster.py
+++ b/certmaster/certmaster.py
@@ -77,11 +77,11 @@ class CertMaster(object):
             print 'Cannot make certmaster certificate authority keys/certs, aborting: %s' % e
             sys.exit(1)
 
-            
+
         # open up the cakey and cacert so we have them available
         self.cakey = certs.retrieve_key_from_file(self.ca_key_file)
         self.cacert = certs.retrieve_cert_from_file(self.ca_cert_file)
-        
+
         for dirpath in [self.cfg.cadir, self.cfg.certroot, self.cfg.csrroot]:
             if not os.path.exists(dirpath):
                 os.makedirs(dirpath)
@@ -91,7 +91,7 @@ class CertMaster(object):
                  'wait_for_cert': self.wait_for_cert,
                  }
 
-        
+
     def _dispatch(self, method, params):
         if method == 'trait_names' or method == '_getAttributeNames':
             return self.handlers.keys()
@@ -102,40 +102,40 @@ class CertMaster(object):
         else:
             self.logger.info("Unhandled method call for method: %s " % method)
             raise codes.InvalidMethodException
-    
+
     def _sanitize_cn(self, commonname):
         commonname = commonname.replace('/', '')
-        commonname = commonname.replace('\\', '')       
+        commonname = commonname.replace('\\', '')
         return commonname
-    
+
     def wait_for_cert(self, csrbuf, with_triggers=True):
         """
            takes csr as a string
            returns True, caller_cert, ca_cert
            returns False, '', ''
         """
-       
+
         try:
             csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csrbuf)
         except crypto.Error, e:
             #XXX need to raise a fault here and document it - but false is just as good
             return False, '', ''
-            
+
         requesting_host = self._sanitize_cn(csrreq.get_subject().CN)
 
         if with_triggers:
-            self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*') 
+            self._run_triggers(requesting_host, '/var/lib/certmaster/triggers/request/pre/*')
 
         self.logger.info("%s requested signing of cert %s" % (requesting_host,csrreq.get_subject().CN))
         # get rid of dodgy characters in the filename we're about to make
-        
+
         certfile = '%s/%s.cert' % (self.cfg.certroot, requesting_host)
         csrfile = '%s/%s.csr' % (self.cfg.csrroot, requesting_host)
 
         # check for old csr on disk
         # if we have it - compare the two - if they are not the same - raise a fault
         self.logger.debug("csrfile: %s  certfile: %s" % (csrfile, certfile))
-   
+
         if os.path.exists(csrfile):
             oldfo = open(csrfile)
             oldcsrbuf = oldfo.read()
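Review bot: `_sanitize_cn` only removes `/` and `\`, yet in `wait_for_cert` its result is all that separates the CN of a client-supplied CSR from the `certfile`/`csrfile` paths and the trigger argument. A CSR without a CN most likely yields `None` from `csrreq.get_subject().CN`, so `.replace` would raise instead of returning the documented `False, '', ''`. The `logger.info` call also writes the unsanitized CN, so control characters can reach the log file. An allowlist is safer than a denylist here, for example `if not commonname or not re.match(r'^[A-Za-z0-9._-]+\Z', commonname): return None` (this needs `re` imported if the module does not already have it), with `wait_for_cert` returning `False, '', ''` on `None` and logging only the validated name. `wait_for_cert` continues past the end of this hunk.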
@@ -149,7 +149,7 @@ class CertMaster(object):
                 self.logger.info("A cert for %s already exists and does not match the requesting cert" % (requesting_host))
                 # XXX raise a proper fault
             return False, '', ''
-        
+
 
         # look for a cert:
         # if we have it, then return True, etc, etc
@@ -160,21 +160,21 @@ class CertMaster(object):
             if with_triggers:
                 self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')
             return True, cert_buf, cacert_buf
-        
+
         # if we don't have a cert then:
         # if we're autosign then sign it, write out the cert and return True, etc, etc
         # else write out the csr
-        
+
         if self.cfg.autosign:
             cert_fn = self.sign_this_csr(csrreq)
-            cert = certs.retrieve_cert_from_file(cert_fn)            
+            cert = certs.retrieve_cert_from_file(cert_fn)
             cert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
             cacert_buf = crypto.dump_certificate(crypto.FILETYPE_PEM, self.cacert)
             self.logger.info("cert for %s was autosigned" % (requesting_host))
             if with_triggers:
                 self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')
             return True, cert_buf, cacert_buf
-        
+
         else:
             # write the csr out to a file to be dealt with by the admin
             destfo = open(csrfile, 'w')
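Review bot: The autosign branch calls `self._run_triggers(None,'/var/lib/certmaster/triggers/request/post/*')`, while the existing-certificate branch a few lines above passes `requesting_host` to the same trigger directory. If the post-request triggers are used for auditing or notification, automatically issued certificates, which are the ones nobody reviewed, would reach them without a host name. Unless `None` is deliberate, pass the host as in the other branch: `self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/request/post/*')`. A short comment above `if self.cfg.autosign:` would also help, such as `# autosign issues a cert for whatever CN the CSR claims; the requester is not authenticated`. `wait_for_cert` begins before this hunk and its `else` branch continues after it.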
@@ -189,7 +189,7 @@ class CertMaster(object):
         return False, '', ''
 
     def get_csrs_waiting(self):
-        hosts = [] 
+        hosts = []
         csrglob = '%s/*.csr' % self.cfg.csrroot
         csr_list = glob.glob(csrglob)
         for f in csr_list:
@@ -197,7 +197,7 @@ class CertMaster(object):
             hn = hn[:-4]
             hosts.append(hn)
         return hosts
-   
+
     def remove_this_cert(self, hn, with_triggers=True):
         """ removes cert for hostname using unlink """
         cm = self
@@ -217,32 +217,32 @@ class CertMaster(object):
             os.unlink(fn)
         if with_triggers:
             self._run_triggers(hn,'/var/lib/certmaster/triggers/remove/post/*')
-            
+
     def sign_this_csr(self, csr, with_triggers=True):
         """returns the path to the signed cert file"""
         csr_unlink_file = None
 
-        if type(csr) is type(''): 
+        if type(csr) is type(''):
             if csr.startswith('/') and os.path.exists(csr):  # we have a full path to the file
                 csrfo = open(csr)
                 csr_buf = csrfo.read()
                 csr_unlink_file = csr
-                
+
             elif os.path.exists('%s/%s' % (self.cfg.csrroot, csr)): # we have a partial path?
                 csrfo = open('%s/%s' % (self.cfg.csrroot, csr))
                 csr_buf = csrfo.read()
                 csr_unlink_file = '%s/%s' % (self.cfg.csrroot, csr)
-                
+
             # we have a string of some kind
             else:
                 csr_buf = csr
 
             try:
-                csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_buf)                
+                csrreq = crypto.load_certificate_request(crypto.FILETYPE_PEM, csr_buf)
             except crypto.Error, e:
                 self.logger.info("Unable to sign %s: Bad CSR" % (csr))
                 raise exceptions.Exception("Bad CSR: %s" % csr)
-                
+
         else: # assume we got a bare csr req
             csrreq = csr
 
@@ -266,10 +266,10 @@ class CertMaster(object):
         if with_triggers:
             self._run_triggers(requesting_host,'/var/lib/certmaster/triggers/sign/post/*')
 
-        
+
         if csr_unlink_file and os.path.exists(csr_unlink_file):
             os.unlink(csr_unlink_file)
-            
+
         return certfile
 
     # return a list of already signed certs
@@ -311,12 +311,12 @@ class CertMaster(object):
         for hostglob in globs:
             certglob = "%s/%s.cert" % (self.cfg.certroot, hostglob)
             certfiles = certfiles + glob.glob(certglob)
-        
+
         cert_hashes = []
         for certfile in certfiles:
             cert = certs.retrieve_cert_from_file(certfile)
             cert_hashes.append("%s-%s" % (cert.get_subject().CN, cert.subject_name_hash()))
-            
+
         return cert_hashes
 
     def _run_triggers(self, ref, globber):
@@ -327,7 +327,7 @@ class CertmasterXMLRPCServer(SimpleXMLRPCServer.SimpleXMLRPCServer):
     def __init__(self, addr):
         self.allow_reuse_address = True
         SimpleXMLRPCServer.SimpleXMLRPCServer.__init__(self, addr)
-        
+
 
 def serve(xmlrpcinstance):
 
@@ -340,7 +340,7 @@ def serve(xmlrpcinstance):
     listen_addr = config.listen_addr
     listen_port = config.listen_port
     if listen_port == '':
-        listen_port = CERTMASTER_LISTEN_PORT 
+        listen_port = CERTMASTER_LISTEN_PORT
     server = CertmasterXMLRPCServer((listen_addr,listen_port))
     server.logRequests = 0 # don't print stuff to console
     server.register_instance(xmlrpcinstance)
@@ -357,15 +357,15 @@ def excepthook(exctype, value, tracebackobj):
     print excvalue_blurb
     print exctb_blurb
 
-    log = logger.Logger().logger 
+    log = logger.Logger().logger
     log.info(exctype_blurb)
     log.info(excvalue_blurb)
     log.info(exctb_blurb)
 
 
 def main(argv):
-   
-    sys.excepthook = excepthook  
+
+    sys.excepthook = excepthook
     cm = CertMaster('/etc/certmaster/certmaster.conf')
 
     if "--version" in sys.argv or "-v" in sys.argv:
@@ -380,7 +380,7 @@ def main(argv):
     # just let exceptions bubble up for now
     serve(cm)
 
- 
+
 if __name__ == "__main__":
     #textdomain(I18N_DOMAIN)
     main(sys.argv)
diff --git a/certmaster/certs.py b/certmaster/certs.py
index b59a972..d6f8b14 100644
--- a/certmaster/certs.py
+++ b/certmaster/certs.py
@@ -11,7 +11,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-# Copyright (c) 2007 Red Hat, inc 
+# Copyright (c) 2007 Red Hat, inc
 #- Written by Seth Vidal skvidal @ fedoraproject.org
 
 from OpenSSL import crypto
@@ -33,7 +33,7 @@ def make_keypair(dest=None):
         destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600)
         os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)))
         os.close(destfd)
-    
+
     return pkey
 
 
@@ -56,8 +56,8 @@ def make_csr(pkey, dest=None, cn=None, hostname=None, emailaddr=None):
     if emailaddr:
         subj.emailAddress = emailaddr
     else:
-        subj.emailAddress = 'root@%s' % subj.CN       
-        
+        subj.emailAddress = 'root@%s' % subj.CN
+
     req.set_pubkey(pkey)
     req.sign(pkey, 'md5')
     if dest:
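Review bot: `req.sign(pkey, 'md5')` in `make_csr` signs the request with MD5, and the `create_slave_certificate` hunk further down issues certificates with `cert.sign(cakey, 'sha1')`. Both digests have practical collision weaknesses, and many verifiers no longer accept SHA-1-signed certificates. Use `req.sign(pkey, 'sha256')` here and `cert.sign(cakey, 'sha256')` in `create_slave_certificate`. Certificates already issued keep their old signature, so re-issuance has to be planned separately; how the CA certificate itself is signed is not visible in these hunks and should be checked too. `make_csr` starts before and ends after this hunk.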
@@ -74,7 +74,7 @@ def retrieve_key_from_file(keyfile):
     keypair = crypto.load_privatekey(crypto.FILETYPE_PEM, buf)
     return keypair
 
-    
+
 def retrieve_csr_from_file(csrfile):
     fo = open(csrfile, 'r')
     buf = fo.read()
@@ -108,8 +108,8 @@ def create_ca(CN="Certmaster Certificate Authority", ca_key_file=None, ca_cert_f
         destfo = open(ca_cert_file, 'w')
         destfo.write(crypto.dump_certificate(crypto.FILETYPE_PEM, cacert))
         destfo.close()
- 
-                                           
+
+
 def _get_serial_number(cadir):
     serial = '%s/serial.txt' % cadir
     i = 1
@@ -118,11 +118,11 @@ def _get_serial_number(cadir):
         f = f.replace('\n','')
         try:
             i = int(f)
-            i+=1      
+            i+=1
         except ValueError, e:
             i = 1
-            
-    _set_serial_number(cadir, i)        
+
+    _set_serial_number(cadir, i)
     return i
 
 
@@ -131,8 +131,8 @@ def _set_serial_number(cadir, last):
     f = open(serial, 'w')
     f.write(str(last) + '\n')
     f.close()
-            
-        
+
+
 def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
     cert = crypto.X509()
     cert.set_serial_number(_get_serial_number(cadir))
@@ -143,7 +143,7 @@ def create_slave_certificate(csr, cakey, cacert, cadir, slave_cert_file=None):
     cert.set_pubkey(csr.get_pubkey())
     cert.set_version(2)
     xt = crypto.X509Extension('basicConstraints', False ,'CA:FALSE')
-    # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)    
+    # FIXME - add subjectkeyidentifier and authoritykeyidentifier extensions, too)
     cert.add_extensions((xt,))
     cert.sign(cakey, 'sha1')
     if slave_cert_file:
diff --git a/certmaster/codes.py b/certmaster/codes.py
index ace800c..e8e1c71 100644
--- a/certmaster/codes.py
+++ b/certmaster/codes.py
@@ -25,4 +25,3 @@ class InvalidMethodException(CertMasterException):
     pass
 
 # FIXME: more sub-exceptions maybe
-
diff --git a/certmaster/config.py b/certmaster/config.py
index e859f4a..4cf2a7f 100644
--- a/certmaster/config.py
+++ b/certmaster/config.py
@@ -11,7 +11,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-# Copyright 2002 Duke University 
+# Copyright 2002 Duke University
 # filched from yum  - menno smits wrote this - he rocks
 
 
@@ -32,13 +32,13 @@ class ConfigError(exceptions.Exception):
         self.value = value
     def __str__(self):
         return "%s" %(self.value,)
- 
-   
+
+
 class Option(object):
     '''
     This class handles a single Yum configuration file option. Create
     subclasses for each type of supported configuration option.
-    
+
     Python descriptor foo (__get__ and __set__) is used to make option
     definition easy and consise.
     '''
@@ -55,7 +55,7 @@ class Option(object):
         self._attrname = '__opt%d' % id(self)
 
     def __get__(self, obj, objtype):
-        '''Called when the option is read (via the descriptor protocol). 
+        '''Called when the option is read (via the descriptor protocol).
 
         @param obj: The configuration instance to modify.
         @param objtype: The type of the config instance (not used).
@@ -68,7 +68,7 @@ class Option(object):
         return getattr(obj, self._attrname, None)
 
     def __set__(self, obj, value):
-        '''Called when the option is set (via the descriptor protocol). 
+        '''Called when the option is set (via the descriptor protocol).
 
         @param obj: The configuration instance to modify.
         @param value: The value to set the option to.
@@ -85,8 +85,8 @@ class Option(object):
         setattr(obj, self._attrname, value)
 
     def setup(self, obj, name):
-        '''Initialise the option for a config instance. 
-        This must be called before the option can be set or retrieved. 
+        '''Initialise the option for a config instance.
+        This must be called before the option can be set or retrieved.
 
         @param obj: BaseConfig (or subclass) instance.
         @param name: Name of the option.
@@ -105,7 +105,7 @@ class Option(object):
 
         @param s: Raw string value to parse.
         @return: Validated native value.
-    
+
         Will raise ValueError if there was a problem parsing the string.
         Subclasses should override this.
         '''
@@ -164,7 +164,7 @@ class UrlOption(Option):
     This option handles lists of URLs with validation of the URL scheme.
     '''
 
-    def __init__(self, default=None, schemes=('http', 'ftp', 'file', 'https'), 
+    def __init__(self, default=None, schemes=('http', 'ftp', 'file', 'https'),
             allow_none=False):
         super(UrlOption, self).__init__(default)
         self.schemes = schemes
@@ -208,7 +208,7 @@ class UrlListOption(ListOption):
 
         # Hold a UrlOption instance to assist with parsing
         self._urloption = UrlOption(schemes=schemes)
-        
+
     def parse(self, s):
         out = []
         for url in super(UrlListOption, self).parse(s):
@@ -255,7 +255,7 @@ class SelectionOption(Option):
     def __init__(self, default=None, allowed=()):
         super(SelectionOption, self).__init__(default)
         self._allowed = allowed
-        
+
     def parse(self, s):
         if s not in self._allowed:
             raise ValueError('"%s" is not an allowed value' % s)
@@ -276,7 +276,7 @@ class BytesOption(Option):
         The input should be a string containing a (possibly floating point)
         number followed by an optional single character unit. Valid units are
         'k', 'M', 'G'. Case is ignored.
-       
+
         Valid inputs: 100, 123M, 45.6k, 12.4G, 100K, 786.3, 0
         Invalid inputs: -10, -0.1, 45.6L, 123Mb
 
@@ -298,7 +298,7 @@ class BytesOption(Option):
         else:
             n = s
             mult = 1
-             
+
         try:
             n = float(n)
         except ValueError:
@@ -313,7 +313,7 @@ class BytesOption(Option):
 class ThrottleOption(BytesOption):
 
     def parse(self, s):
-        """Get a throttle option. 
+        """Get a throttle option.
 
         Input may either be a percentage or a "friendly bandwidth value" as
         accepted by the BytesOption.
@@ -382,7 +382,7 @@ class BaseConfig(object):
                 # No matching option in this section, try inheriting
                 if parent and option.inherit:
                     value = getattr(parent, name)
-               
+
             if value is not None:
                 setattr(self, name, value)
 
@@ -397,7 +397,7 @@ class BaseConfig(object):
     optionobj = classmethod(optionobj)
 
     def isoption(cls, name):
-        '''Return True if the given name refers to a defined option 
+        '''Return True if the given name refers to a defined option
         '''
         try:
             cls.optionobj(name)
@@ -438,7 +438,7 @@ class BaseConfig(object):
                 raise ValueError("not populated, don't know section")
             section = self._section
 
-        # Updated the ConfigParser with the changed values    
+        # Updated the ConfigParser with the changed values
         cfgOptions = self.cfg.options(section)
         for name,value in self.iteritems():
             option = self.optionobj(name)
diff --git a/certmaster/logger.py b/certmaster/logger.py
index 3ff9d42..f5d79c6 100644
--- a/certmaster/logger.py
+++ b/certmaster/logger.py
@@ -33,12 +33,12 @@ class Logger(Singleton):
 
     def __init__(self, logfilepath ="/var/log/certmaster/certmaster.log"):
         config_file = '/etc/certmaster/minion.conf'
-        self.config = read_config(config_file, CMConfig)    
+        self.config = read_config(config_file, CMConfig)
         self.loglevel = logging._levelNames[self.config.log_level]
         self._setup_logging()
         if self._no_handlers:
             self._setup_handlers(logfilepath=logfilepath)
-        
+
     def _setup_logging(self):
         self.logger = logging.getLogger("certmaster")
 
diff --git a/certmaster/requester.py b/certmaster/requester.py
index 04f1f8a..1fd6826 100644
--- a/certmaster/requester.py
+++ b/certmaster/requester.py
@@ -16,7 +16,7 @@ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 import utils
 
 def request_cert(hostname=None):
-   # this should be enough, but do we want to allow parameters
-   # for overriding the server and port from the config file?
-   # maybe not. -- mpd
-   utils.create_minion_keys(hostname)
+    # this should be enough, but do we want to allow parameters
+    # for overriding the server and port from the config file?
+    # maybe not. -- mpd
+    utils.create_minion_keys(hostname)
diff --git a/certmaster/utils.py b/certmaster/utils.py
index 02c28e0..b135e7d 100644
--- a/certmaster/utils.py
+++ b/certmaster/utils.py
@@ -65,10 +65,10 @@ def daemonize(pidfile=None):
     os.close(2)
 
     # based on http://code.activestate.com/recipes/278731/
-    os.open(REDIRECT_TO, os.O_RDWR)	# standard input (0)
+    os.open(REDIRECT_TO, os.O_RDWR)     # standard input (0)
 
-    os.dup2(0, 1)			# standard output (1)
-    os.dup2(0, 2)			# standard error (2)
+    os.dup2(0, 1)                       # standard output (1)
+    os.dup2(0, 2)                       # standard error (2)
 
 
 
@@ -87,7 +87,7 @@ def nice_exception(etype, evalue, etb):
     except:
         nicetype = etype
     nicestack = string.join(traceback.format_list(traceback.extract_tb(etb)))
-    return [ REMOTE_ERROR, nicetype, str(evalue), nicestack ] 
+    return [ REMOTE_ERROR, nicetype, str(evalue), nicestack ]
 
 def is_error(result):
     # FIXME: I believe we can remove this function
@@ -104,10 +104,10 @@ def get_hostname(talk_to_certmaster=True):
     "localhost" is a lame hostname to use for a key, so try to get
     a more meaningful hostname. We do this by connecting to the certmaster
     and seeing what interface/ip it uses to make that connection, and looking
-    up the hostname for that. 
+    up the hostname for that.
     """
     # FIXME: this code ignores http proxies (which granted, we don't
-    #      support elsewhere either. 
+    #      support elsewhere either.
     hostname = None
     hostname = socket.gethostname()
     # print "DEBUG: HOSTNAME TRY1: %s" % hostname
@@ -166,7 +166,7 @@ def create_minion_keys(hostname=None):
         raise codes.CMException, "Could not create local keypair or csr for session"
 
     result = False
-   
+
     while not result:
         try:
             # print "DEBUG: submitting CSR to certmaster: %s" % master_uri
@@ -244,4 +244,3 @@ def submit_csr_to_master(csr_file, master_uri):
 
     # print "DEBUG: waiting for cert"
     return s.wait_for_cert(csr)
-              

