Catch ProcessExecutionError in revoke_cert
Catch processExecutionError if revoking the certificate fails. This change has been abandoned by Chuck Short, so I am continuing where he left off (mattoliverau). Continues abandoned change: 17741 Change-Id: I9714ea8cece87256ff5f9a936286c1da3d628af9 Closes-Bug: #883320 Co-Authored-By: chuck.short@canonical.com
This commit is contained in:
parent
7bde55ae12
commit
32b0adb591
|
@ -274,13 +274,18 @@ def ssh_encrypt_text(ssh_public_key, text):
|
|||
def revoke_cert(project_id, file_name):
|
||||
"""Revoke a cert by file name."""
|
||||
start = os.getcwd()
|
||||
os.chdir(ca_folder(project_id))
|
||||
# NOTE(vish): potential race condition here
|
||||
utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
|
||||
file_name)
|
||||
utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
|
||||
'-out', CONF.crl_file)
|
||||
os.chdir(start)
|
||||
if not os.chdir(ca_folder(project_id)):
|
||||
raise exception.ProjectNotFound(project_id=project_id)
|
||||
try:
|
||||
# NOTE(vish): potential race condition here
|
||||
utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke',
|
||||
file_name)
|
||||
utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf',
|
||||
'-out', CONF.crl_file)
|
||||
except processutils.ProcessExecutionError:
|
||||
raise exception.RevokeCertFailure(project_id=project_id)
|
||||
finally:
|
||||
os.chdir(start)
|
||||
|
||||
|
||||
def revoke_certs_by_user(user_id):
|
||||
|
|
|
@ -147,6 +147,10 @@ class DecryptionFailure(NovaException):
|
|||
msg_fmt = _("Failed to decrypt text: %(reason)s")
|
||||
|
||||
|
||||
class RevokeCertFailure(NovaException):
|
||||
msg_fmt = _("Failed to revoke certificate for %(project_id)s")
|
||||
|
||||
|
||||
class VirtualInterfaceCreateException(NovaException):
|
||||
msg_fmt = _("Virtual Interface creation failed")
|
||||
|
||||
|
|
|
@ -18,6 +18,7 @@ Tests for Crypto module.
|
|||
|
||||
import os
|
||||
|
||||
import mock
|
||||
import mox
|
||||
|
||||
from nova import crypto
|
||||
|
@ -133,6 +134,18 @@ class RevokeCertsTest(test.TestCase):
|
|||
|
||||
crypto.revoke_certs_by_project(project_id)
|
||||
|
||||
@mock.patch.object(utils, 'execute',
|
||||
side_effect=processutils.ProcessExecutionError)
|
||||
@mock.patch.object(os, 'chdir', return_value=True)
|
||||
def test_revoke_cert_process_execution_error(self, *args, **kargs):
|
||||
self.assertRaises(exception.RevokeCertFailure, crypto.revoke_cert,
|
||||
2, 'test_file')
|
||||
|
||||
@mock.patch.object(os, 'chdir', return_value=False)
|
||||
def test_revoke_cert_project_not_found_chdir_fails(self, *args, **kargs):
|
||||
self.assertRaises(exception.ProjectNotFound, crypto.revoke_cert,
|
||||
2, 'test_file')
|
||||
|
||||
|
||||
class CertExceptionTests(test.TestCase):
|
||||
def test_fetch_ca_file_not_found(self):
|
||||
|
|
Loading…
Reference in New Issue