def __init__(self, x509=None, path=None, version=None, serial=None, start=None,
end=None, subject=None, pem=None):
# The X509 M2crypto object for this certificate.
# WARNING: May be None in tests
self.x509 = x509
# Full file path to the certificate on disk. May be None if the cert
# hasn't yet been written to disk.
self.path = path
# Version of the certificate sent by Candlepin:
self.version = version
if serial is None:
raise CertificateException("Certificate has no serial")
self.serial = serial
# Certificate start/end datetimes:
self.start = start
self.end = end
self.valid_range = DateRange(self.start, self.end)
self.pem = pem
self.subject = subject
def __init__(self, x509=None, path=None, version=None, serial=None,
start=None, end=None, subject=None):
# The X509 M2crypto object for this certificate.
# WARNING: May be None in tests
self.x509 = x509
# Full file path to the certificate on disk. May be None if the cert
# hasn't yet been written to disk.
self.path = path
# Version of the certificate sent by Candlepin:
self.version = version
if serial is None:
raise CertificateException("Certificate has no serial")
self.serial = serial
# Certificate start/end datetimes:
self.start = start
self.end = end
self.valid_range = DateRange(self.start, self.end)
self.subject = subject
def test_filter_no_overlap_with_future_entitlement(self):
product1 = "Test Product 1"
provided1 = "Provided By Test Product 1"
cert_start = datetime.now() + timedelta(days=365)
cert_end = cert_start + timedelta(days=365)
cert1 = StubProductCertificate(StubProduct(provided1),
start_date=cert_start,
end_date=cert_end)
ent_dir = StubCertificateDirectory([cert1])
pool_filter = PoolFilter(product_dir=StubCertificateDirectory([]),
entitlement_dir=ent_dir)
begin_date = datetime.now() - timedelta(days=100)
end_date = datetime.now() + timedelta(days=100)
pools = [
create_pool(product1,
product1,
provided_products=[provided1],
start_end_range=DateRange(begin_date, end_date)),
]
result = pool_filter.filter_out_overlapping(pools)
self.assertEquals(1, len(result))
result = pool_filter.filter_out_non_overlapping(pools)
self.assertEquals(0, len(result))
def calculate(self, product_hash):
"""
Calculate the valid date range for the specified product based on
today's date.
Partially entitled products are considered when determining the
valid range.
NOTE:
The returned date range will be in GMT, so keep this in mind when
presenting these dates to the user.
"""
# If we're not registered, don't return a valid range:
if not self.identity.is_valid():
return None
if self.prod_status is None:
return None
for prod in self.prod_status:
if product_hash != prod['productId']:
continue
# Found the product ID requested:
if 'startDate' in prod and 'endDate' in prod:
# Unentitled product:
if prod['startDate'] is None or prod['endDate'] is None:
return None
return DateRange(parse_date(prod['startDate']),
parse_date(prod['endDate']))
else:
# If startDate / endDate not supported
log.warn("Server does not support product date ranges.")
return None
# At this point, we haven't found the installed product that was
# asked for, which could indicate the server somehow doesn't know
# about it yet. This is extremely weird and should be unlikely,
# but we will log and handle gracefully:
log.error("Requested status for installed product server does not "
"know about: %s" % product_hash)
return None
def __init__(self,
product,
provided_products=None,
start_date=None,
end_date=None,
order_end_date=None,
content=None,
quantity=1,
stacking_id=None,
sockets=2,
service_level=None):
StubProductCertificate.__init__(self, product, provided_products)
self.start_date = start_date
self.end_date = end_date
if not start_date:
self.start_date = datetime.now()
if not end_date:
self.end_date = self.start_date + timedelta(days=365)
self.order_end_date = order_end_date
if not order_end_date:
self.order_end_date = self.end_date
fmt = "%Y-%m-%dT%H:%M:%SZ"
# to simulate a cert with no product
sku = None
if product:
sku = product.hash
self.order = StubOrder(self.start_date.strftime(fmt),
self.order_end_date.strftime(fmt),
quantity=quantity,
stacking_id=stacking_id,
socket_limit=sockets,
sku=sku,
service_level=service_level)
self.valid_range = DateRange(self.start_date, self.end_date)
self.content = []
if content:
self.content = content
self.path = "/tmp/fake_ent_cert.pem"
def test_filter_no_overlap(self):
product1 = "Test Product 1"
provided1 = "Provided By Test Product 1"
pd = StubCertificateDirectory([])
pool_filter = PoolFilter(product_dir=pd,
entitlement_dir=StubCertificateDirectory([]))
begin_date = datetime.now() - timedelta(days=10)
end_date = datetime.now() + timedelta(days=365)
pools = [
create_pool(product1,
product1,
provided_products=[provided1],
start_end_range=DateRange(begin_date, end_date)),
]
result = pool_filter.filter_out_overlapping(pools)
self.assertEquals(1, len(result))
result = pool_filter.filter_out_non_overlapping(pools)
self.assertEquals(0, len(result))
class Certificate(object):
""" Parent class of all x509 certificate types. """
def __init__(self, x509=None, path=None, version=None, serial=None,
start=None, end=None, subject=None):
# The X509 M2crypto object for this certificate.
# WARNING: May be None in tests
self.x509 = x509
# Full file path to the certificate on disk. May be None if the cert
# hasn't yet been written to disk.
self.path = path
# Version of the certificate sent by Candlepin:
self.version = version
if serial is None:
raise CertificateException("Certificate has no serial")
self.serial = serial
# Certificate start/end datetimes:
self.start = start
self.end = end
self.valid_range = DateRange(self.start, self.end)
self.subject = subject
def is_valid(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.has_date(gmt)
def is_expired(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.end() < gmt
def __cmp__(self, other):
if self.end < other.end:
return -1
if self.end > other.end:
return 1
return 0
def write(self, path):
"""
Write the certificate to disk.
"""
f = open(path, 'w')
f.write(self.x509.as_pem())
f.close()
self.path = path
def delete(self):
"""
Delete the file associated with this certificate.
"""
if self.path:
os.unlink(self.path)
else:
raise CertificateException('Certificate has no path, cannot delete.')
def validRange(self):
return DateRange(self.start_date, self.order_end_date)
class Certificate(object):
""" Parent class of all x509 certificate types. """
def __init__(self,
x509=None,
path=None,
version=None,
serial=None,
start=None,
end=None,
subject=None,
pem=None,
issuer=None):
# The rhsm._certificate X509 object for this certificate.
# WARNING: May be None in tests
self.x509 = x509
# Full file path to the certificate on disk. May be None if the cert
# hasn't yet been written to disk.
self.path = path
# Version of the certificate sent by Candlepin:
self.version = version
if serial is None:
raise CertificateException("Certificate has no serial")
self.serial = serial
# Certificate start/end datetimes:
self.start = start
self.end = end
self.valid_range = DateRange(self.start, self.end)
self.pem = pem
self.subject = subject
self.issuer = issuer
def is_valid(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.has_date(gmt)
def is_expired(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.end() < gmt
def __lt__(self, other):
return self.end < other.end
def __le__(self, other):
return self.end < other.end
def __gt__(self, other):
return self.end > other.end
def __ge__(self, other):
return self.end > other.end
def __eq__(self, other):
return self.serial == other.serial
def __ne__(self, other):
return self.serial != other.serial
def __hash__(self):
return self.serial
def write(self, path):
"""
Write the certificate to disk.
"""
f = open(path, 'w')
# if we were given the original pem, preserve it
# ie for certv3 detached format.
if self.pem is not None:
f.write(self.pem)
else:
f.write(self.x509.as_pem())
f.close()
self.path = path
def delete(self):
"""
Delete the file associated with this certificate.
"""
if self.path:
os.unlink(self.path)
else:
raise CertificateException(
'Certificate has no path, cannot delete.')
def calculate(self, product_hash):
"""
Calculate the valid date range for the specified product based on
today's date.
Partially entitled products are considered when determining the
valid range.
NOTE:
The returned date range will be in GMT, so keep this in mind when
presenting these dates to the user.
"""
# Only calculate a range if the status of the product is SUBSCRIBED.
if not cert_sorter.SUBSCRIBED == self.sorter.get_status(product_hash):
return None
all_entitlements = self.sorter.get_entitlements_for_product(
product_hash)
# Determine which entitlements will potentially create a span
# across today's date. Stacking is not considered here.
possible_ents = self._get_entitlements_spanning_now(all_entitlements)
# Since at this point we know that we are valid, we should always
# get possible ents. Check here just to be sure.
if not possible_ents:
return None
# Now that we have all entitlements that could potentially be
# our valid span, figure out the start/end dates considering
# stacking and overlapped entitlements. Entitlements are sorted
# by start date so that we can process each from left to right
# (relative to time). For example, while iterating the entitlements
# we can assume that the start_date is next in line considering the
# last processed.
start_date = None
end_date = None
last_processed_ent = None
for i, ent in enumerate(self._sort_past_to_future(possible_ents)):
is_last = i == len(possible_ents) - 1
ent_range = ent.validRange()
ent_start = ent_range.begin()
ent_end = ent_range.end()
ent_valid_on_start = self._entitlement_valid_on_date(
ent, possible_ents, ent_start)
ent_valid_on_end = self._entitlement_valid_on_date(
ent, possible_ents, ent_end)
# Determine if after the last processed entitlement's end date,
# the product is still valid. If we are not valid after the last,
# and there are other entitlements to process, this can not be
# the start date since there is a gap in validity from the last
# processed entitlement's end date to the start of another entitlement.
valid_after_last = True
if last_processed_ent and not is_last:
last_processed_end = last_processed_ent.validRange().end()
valid_after_last = self._entitlement_valid_on_date(
last_processed_ent, possible_ents,
last_processed_end + timedelta(seconds=1))
if not valid_after_last:
start_date = None
if ent_valid_on_start and valid_after_last:
if not start_date or start_date > ent_start:
start_date = ent_start
if ent_valid_on_end:
if not end_date or end_date < ent_end:
end_date = ent_end
last_processed_ent = ent
# If we couldn't determine a start/end date, report
# that there is no valid range for the product.
if not start_date or not end_date:
return None
return DateRange(start_date, end_date)
class Certificate(object):
""" Parent class of all x509 certificate types. """
def __init__(self, x509=None, path=None, version=None, serial=None, start=None,
end=None, subject=None, pem=None, issuer=None):
# The rhsm._certificate X509 object for this certificate.
# WARNING: May be None in tests
self.x509 = x509
# Full file path to the certificate on disk. May be None if the cert
# hasn't yet been written to disk.
self.path = path
# Version of the certificate sent by Candlepin:
self.version = version
if serial is None:
raise CertificateException("Certificate has no serial")
self.serial = serial
# Certificate start/end datetimes:
self.start = start
self.end = end
self.valid_range = DateRange(self.start, self.end)
self.pem = pem
self.subject = subject
self.issuer = issuer
def is_valid(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.has_date(gmt)
def is_expired(self, on_date=None):
gmt = datetime.utcnow()
if on_date:
gmt = on_date
gmt = gmt.replace(tzinfo=GMT())
return self.valid_range.end() < gmt
def __lt__(self, other):
return self.end < other.end
def __le__(self, other):
return self.end < other.end
def __gt__(self, other):
return self.end > other.end
def __ge__(self, other):
return self.end > other.end
def __eq__(self, other):
return self.serial == other.serial
def __ne__(self, other):
return self.serial != other.serial
def __hash__(self):
return self.serial
def write(self, path):
"""
Write the certificate to disk.
"""
f = open(path, 'w')
# if we were given the original pem, preserve it
# ie for certv3 detached format.
if self.pem is not None:
f.write(self.pem)
else:
f.write(self.x509.as_pem())
f.close()
self.path = path
def delete(self):
"""
Delete the file associated with this certificate.
"""
if self.path:
os.unlink(self.path)
else:
raise CertificateException('Certificate has no path, cannot delete.')
