openstack
/
nova
Code Issues Proposed changes

Stop fetch_ca from throwing IOError exceptions 

Fixes bug #883300

Fixes problem where fetch_ca could throw an IOError exception rather
than a Nova specific exception.
Adds FileError exception.
Fixes other functions in crypto.py that had very similar problems.

Change-Id: Ic2e43c35ad58c67d33156c53d2a41910dfdf8678
This commit is contained in:
Chris Yeoh 2012-08-25 15:51:37 +09:30
parent 511807ed24
commit 0d2523f029
3 changed files with 41 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
nova/crypto.py
View File

@ -96,7 +96,10 @@ def crl_path(project_id=None):
def fetch_ca(project_id=None): def fetch_ca(project_id=None):
if not FLAGS.use_project_ca: if not FLAGS.use_project_ca:
project_id = None project_id = None
with open(ca_path(project_id), 'r') as cafile: ca_file_path = ca_path(project_id)
if not os.path.exists(ca_file_path):
raise exception.CryptoCAFileNotFound(project_id=project_id)
with open(ca_file_path, 'r') as cafile:
return cafile.read() return cafile.read()
@ -140,8 +143,13 @@ def generate_key_pair(bits=1024):
utils.execute('ssh-keygen', '-q', '-b', bits, '-N', '', utils.execute('ssh-keygen', '-q', '-b', bits, '-N', '',
'-t', 'rsa', '-f', keyfile) '-t', 'rsa', '-f', keyfile)
fingerprint = _generate_fingerprint('%s.pub' % (keyfile)) fingerprint = _generate_fingerprint('%s.pub' % (keyfile))
if not os.path.exists(keyfile):
raise exception.FileNotFound(keyfile)
private_key = open(keyfile).read() private_key = open(keyfile).read()
public_key = open(keyfile + '.pub').read() public_key_path = keyfile + '.pub'
if not os.path.exists(public_key_path):
raise exception.FileNotFound(public_key_path)
public_key = open(public_key_path).read()
return (private_key, public_key, fingerprint) return (private_key, public_key, fingerprint)
@ -150,7 +158,10 @@ def fetch_crl(project_id):
"""Get crl file for project.""" """Get crl file for project."""
if not FLAGS.use_project_ca: if not FLAGS.use_project_ca:
project_id = None project_id = None
with open(crl_path(project_id), 'r') as crlfile: crl_file_path = crl_path(project_id)
if not os.path.exists(crl_file_path):
raise exception.CryptoCRLFileNotFound(project_id)
with open(crl_file_path, 'r') as crlfile:
return crlfile.read() return crlfile.read()

8
nova/exception.py
View File

@ -1100,6 +1100,14 @@ class UnexpectedTaskStateError(NovaException):
"the actual state is %(actual)s") "the actual state is %(actual)s")
class CryptoCAFileNotFound(FileNotFound):
message = _("The CA file for %(project)s could not be found")
class CryptoCRLFileNotFound(FileNotFound):
message = _("The CRL file for %(project)s could not be found")
def get_context_from_function_and_args(function, args, kwargs): def get_context_from_function_and_args(function, args, kwargs):
"""Find an arg of type RequestContext and return it. """Find an arg of type RequestContext and return it.

19
nova/tests/test_crypto.py
View File

@ -22,6 +22,7 @@ import mox
from nova import crypto from nova import crypto
from nova import db from nova import db
from nova import exception
from nova import flags from nova import flags
from nova import test from nova import test
from nova import utils from nova import utils
@ -133,3 +134,21 @@ class RevokeCertsTest(test.TestCase):
self.mox.ReplayAll() self.mox.ReplayAll()
crypto.revoke_certs_by_project(project_id) crypto.revoke_certs_by_project(project_id)
class CertExceptionTests(test.TestCase):
def test_fetch_ca_file_not_found(self):
with utils.tempdir() as tmpdir:
self.flags(ca_path=tmpdir)
self.flags(use_project_ca=True)
self.assertRaises(exception.CryptoCAFileNotFound, crypto.fetch_ca,
project_id='fake')
def test_fetch_crl_file_not_found(self):
with utils.tempdir() as tmpdir:
self.flags(ca_path=tmpdir)
self.flags(use_project_ca=True)
self.assertRaises(exception.CryptoCRLFileNotFound,
crypto.fetch_crl, project_id='fake')