Stop fetch_ca from throwing IOError exceptions
Fixes bug #883300 Fixes problem where fetch_ca could throw an IOError exception rather than a Nova specific exception. Adds FileError exception. Fixes other functions in crypto.py that had very similar problems. Change-Id: Ic2e43c35ad58c67d33156c53d2a41910dfdf8678
This commit is contained in:
parent
511807ed24
commit
0d2523f029
@ -96,7 +96,10 @@ def crl_path(project_id=None):
|
||||
def fetch_ca(project_id=None):
|
||||
if not FLAGS.use_project_ca:
|
||||
project_id = None
|
||||
with open(ca_path(project_id), 'r') as cafile:
|
||||
ca_file_path = ca_path(project_id)
|
||||
if not os.path.exists(ca_file_path):
|
||||
raise exception.CryptoCAFileNotFound(project_id=project_id)
|
||||
with open(ca_file_path, 'r') as cafile:
|
||||
return cafile.read()
|
||||
|
||||
|
||||
@ -140,8 +143,13 @@ def generate_key_pair(bits=1024):
|
||||
utils.execute('ssh-keygen', '-q', '-b', bits, '-N', '',
|
||||
'-t', 'rsa', '-f', keyfile)
|
||||
fingerprint = _generate_fingerprint('%s.pub' % (keyfile))
|
||||
if not os.path.exists(keyfile):
|
||||
raise exception.FileNotFound(keyfile)
|
||||
private_key = open(keyfile).read()
|
||||
public_key = open(keyfile + '.pub').read()
|
||||
public_key_path = keyfile + '.pub'
|
||||
if not os.path.exists(public_key_path):
|
||||
raise exception.FileNotFound(public_key_path)
|
||||
public_key = open(public_key_path).read()
|
||||
|
||||
return (private_key, public_key, fingerprint)
|
||||
|
||||
@ -150,7 +158,10 @@ def fetch_crl(project_id):
|
||||
"""Get crl file for project."""
|
||||
if not FLAGS.use_project_ca:
|
||||
project_id = None
|
||||
with open(crl_path(project_id), 'r') as crlfile:
|
||||
crl_file_path = crl_path(project_id)
|
||||
if not os.path.exists(crl_file_path):
|
||||
raise exception.CryptoCRLFileNotFound(project_id)
|
||||
with open(crl_file_path, 'r') as crlfile:
|
||||
return crlfile.read()
|
||||
|
||||
|
||||
|
@ -1100,6 +1100,14 @@ class UnexpectedTaskStateError(NovaException):
|
||||
"the actual state is %(actual)s")
|
||||
|
||||
|
||||
class CryptoCAFileNotFound(FileNotFound):
|
||||
message = _("The CA file for %(project)s could not be found")
|
||||
|
||||
|
||||
class CryptoCRLFileNotFound(FileNotFound):
|
||||
message = _("The CRL file for %(project)s could not be found")
|
||||
|
||||
|
||||
def get_context_from_function_and_args(function, args, kwargs):
|
||||
"""Find an arg of type RequestContext and return it.
|
||||
|
||||
|
@ -22,6 +22,7 @@ import mox
|
||||
|
||||
from nova import crypto
|
||||
from nova import db
|
||||
from nova import exception
|
||||
from nova import flags
|
||||
from nova import test
|
||||
from nova import utils
|
||||
@ -133,3 +134,21 @@ class RevokeCertsTest(test.TestCase):
|
||||
self.mox.ReplayAll()
|
||||
|
||||
crypto.revoke_certs_by_project(project_id)
|
||||
|
||||
|
||||
class CertExceptionTests(test.TestCase):
|
||||
def test_fetch_ca_file_not_found(self):
|
||||
with utils.tempdir() as tmpdir:
|
||||
self.flags(ca_path=tmpdir)
|
||||
self.flags(use_project_ca=True)
|
||||
|
||||
self.assertRaises(exception.CryptoCAFileNotFound, crypto.fetch_ca,
|
||||
project_id='fake')
|
||||
|
||||
def test_fetch_crl_file_not_found(self):
|
||||
with utils.tempdir() as tmpdir:
|
||||
self.flags(ca_path=tmpdir)
|
||||
self.flags(use_project_ca=True)
|
||||
|
||||
self.assertRaises(exception.CryptoCRLFileNotFound,
|
||||
crypto.fetch_crl, project_id='fake')
|
||||
|
Loading…
Reference in New Issue
Block a user