openstack/python-keystoneclient
Code Issues Proposed changes

Merge "Default signing_dir to secure temp dir (bug 1181157)"

Browse Source
This commit is contained in:
Jenkins
2013-05-22 23:40:34 +00:00
committed by Gerrit Code Review
parent 34f93f3abc 03012e641d
commit 17db3b2d17
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
keystoneclient/middleware/auth_token.py
View File

@@ -150,6 +150,7 @@ import json
import logging import logging
import os import os
import stat import stat
import tempfile
import time import time
import urllib import urllib
import webob.exc import webob.exc
@@ -211,8 +212,7 @@ opts = [
cfg.StrOpt('cache', default=None), # env key for the swift cache cfg.StrOpt('cache', default=None), # env key for the swift cache
cfg.StrOpt('certfile'), cfg.StrOpt('certfile'),
cfg.StrOpt('keyfile'), cfg.StrOpt('keyfile'),
cfg.StrOpt('signing_dir', cfg.StrOpt('signing_dir'),
default=os.path.expanduser('~/keystone-signing')),
cfg.ListOpt('memcache_servers'), cfg.ListOpt('memcache_servers'),
cfg.IntOpt('token_cache_time', default=300), cfg.IntOpt('token_cache_time', default=300),
cfg.IntOpt('revocation_cache_time', default=1), cfg.IntOpt('revocation_cache_time', default=1),
@@ -294,6 +294,8 @@ class AuthProtocol(object):
# signing # signing
self.signing_dirname = self._conf_get('signing_dir') self.signing_dirname = self._conf_get('signing_dir')
if self.signing_dirname is None:
self.signing_dirname = tempfile.mkdtemp(prefix='keystone-signing-')
self.LOG.info('Using %s as cache directory for signing certificate' % self.LOG.info('Using %s as cache directory for signing certificate' %
self.signing_dirname) self.signing_dirname)
if os.path.exists(self.signing_dirname): if os.path.exists(self.signing_dirname):