def store_cert(self, domain, transport_cert):
    """Persist the transport certificate for *domain*, replacing any cached copy.

    The certificate is serialized to PEM, written to a temporary file in
    the cache directory and then renamed to its final path, so the final
    path is only ever replaced by a completely written file.  No validation
    of the certificate happens here: whatever the caller passes is cached.

    :param domain: IPA domain
    :param transport_cert: cryptography.x509.Certificate
    :return: True if cert was stored successfully, False if writing failed
        (the failure is logged as a warning instead of being raised)
    """
    target_path = self._get_filename(domain)
    pem_bytes = transport_cert.public_bytes(serialization.Encoding.PEM)
    try:
        try:
            os.makedirs(self._dirname)
        except EnvironmentError as err:
            # A cache directory that already exists is the normal case;
            # every other errno is a real failure and is passed on.
            directory_exists = err.errno == errno.EEXIST
            if not directory_exists:
                raise
        # delete=False keeps the file after close() so it can be renamed.
        # The temp file lives in self._dirname; presumably target_path is
        # in the same directory, which keeps the rename on one filesystem.
        with tempfile.NamedTemporaryFile(
            dir=self._dirname,
            delete=False,
            mode='wb',
        ) as tmp:
            try:
                tmp.write(pem_bytes)
                # Push the data out before the rename publishes the file.
                ipautil.flush_sync(tmp)
                tmp.close()
                os.rename(tmp.name, target_path)
            except Exception:
                # Do not leave a stray temp file behind on failure.
                os.unlink(tmp.name)
                raise
        return True
    except Exception:
        # Best effort: a failed cache write is reported, not raised.
        logger.warning("Failed to save %s", target_path, exc_info=True)
        return False
def store(self, domain, response):
    """Store config in cache

    The ``result`` mapping of *response* is shallow-copied, its
    ``transport_cert`` entry is converted from DER to PEM text, and the
    copy is dumped as JSON to a temporary file that is then renamed to
    the cache path.  The caller's mapping is not modified.

    A missing ``result`` or ``transport_cert`` key is looked up before
    the guarded section, so that error is raised rather than turned into
    a False return.

    :param domain: IPA domain
    :param response: ipa vaultconfig-show response
    :return: True if config was stored successfully, False if writing
        failed (the failure is logged as a warning)
    """
    cached = response['result'].copy()
    # store certificate as PEM-encoded ASCII
    der_cert = cached['transport_cert']
    cached['transport_cert'] = ssl.DER_cert_to_PEM_cert(der_cert)
    target_path = self._get_filename(domain)
    try:
        try:
            os.makedirs(self._dirname)
        except EnvironmentError as err:
            # An existing cache directory is expected; re-raise the rest.
            directory_exists = err.errno == errno.EEXIST
            if not directory_exists:
                raise
        # delete=False keeps the file after close() so it can be renamed.
        with tempfile.NamedTemporaryFile(
            dir=self._dirname,
            delete=False,
            mode='w',
        ) as tmp:
            try:
                json.dump(cached, tmp)
                # Push the data out before the rename publishes the file.
                ipautil.flush_sync(tmp)
                tmp.close()
                os.rename(tmp.name, target_path)
            except Exception:
                # Remove the partial temp file, then let the error go on.
                os.unlink(tmp.name)
                raise
        return True
    except Exception:
        # Best effort: a failed cache write is reported, not raised.
        logger.warning("Failed to save %s", target_path, exc_info=True)
        return False
def __config_file(self):
    """Render the Custodia config template and write it to self.config_file.

    The template is looked up in paths.USR_SHARE_IPA_DIR under the config
    file's base name plus ``.template``.  UID and GID are taken from
    constants.HTTPD_USER.
    """
    template_name = os.path.basename(self.config_file) + '.template'
    template_path = os.path.join(paths.USR_SHARE_IPA_DIR, template_name)
    substitutions = {
        'IPA_CUSTODIA_CONF_DIR': paths.IPA_CUSTODIA_CONF_DIR,
        'IPA_CUSTODIA_KEYS': paths.IPA_CUSTODIA_KEYS,
        'IPA_CUSTODIA_SOCKET': paths.IPA_CUSTODIA_SOCKET,
        'IPA_CUSTODIA_AUDIT_LOG': paths.IPA_CUSTODIA_AUDIT_LOG,
        'LDAP_URI': ipaldap.realm_to_ldapi_uri(self.realm),
        'UID': constants.HTTPD_USER.uid,
        'GID': constants.HTTPD_USER.pgid,
    }
    rendered = ipautil.template_file(template_path, substitutions)
    # NOTE(review): the file is rewritten in place and a new file gets its
    # mode from the process umask; confirm ownership and permissions are
    # set where this method is called.
    with open(self.config_file, "w") as out:
        out.write(rendered)
        ipautil.flush_sync(out)
def __config_file(self):
    """Render the Custodia config template and write it to self.config_file.

    The template is looked up in paths.USR_SHARE_IPA_DIR under the config
    file's base name plus ``.template``.  UID and GID come from the
    password database entry of constants.HTTPD_USER; pwd.getpwnam raises
    KeyError when that account does not exist.
    """
    template_name = os.path.basename(self.config_file) + '.template'
    template_path = os.path.join(paths.USR_SHARE_IPA_DIR, template_name)
    httpd_entry = pwd.getpwnam(constants.HTTPD_USER)
    substitutions = {
        'IPA_CUSTODIA_CONF_DIR': paths.IPA_CUSTODIA_CONF_DIR,
        'IPA_CUSTODIA_KEYS': paths.IPA_CUSTODIA_KEYS,
        'IPA_CUSTODIA_SOCKET': paths.IPA_CUSTODIA_SOCKET,
        'IPA_CUSTODIA_AUDIT_LOG': paths.IPA_CUSTODIA_AUDIT_LOG,
        'LDAP_URI': installutils.realm_to_ldapi_uri(self.realm),
        'UID': httpd_entry.pw_uid,
        'GID': httpd_entry.pw_gid,
    }
    rendered = ipautil.template_file(template_path, substitutions)
    # NOTE(review): the file is rewritten in place and a new file gets its
    # mode from the process umask; confirm ownership and permissions are
    # set where this method is called.
    with open(self.config_file, "w") as out:
        out.write(rendered)
        ipautil.flush_sync(out)
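def _write_schema(self, fingerprint):
    """Write the schema data to the cache file named *fingerprint*.

    The data is written to a temporary file inside self._DIR and renamed
    to ``<self._DIR>/<fingerprint>`` once it is complete, so the final
    path is only ever replaced by a fully written file.

    The rename is part of the guarded section: if it fails, the temporary
    file is removed as well instead of being left behind in the cache
    directory.

    :param fingerprint: name of the cache file inside self._DIR
    :raises Exception: any error from creating the directory, writing,
        syncing or renaming is propagated after cleanup
    """
    try:
        os.makedirs(self._DIR)
    except EnvironmentError as e:
        # An already existing cache directory is fine.
        if e.errno != errno.EEXIST:
            raise

    # NOTE(review): fingerprint is used both as the temp-file prefix and
    # as the final file name; this assumes it is a plain file name with
    # no path separators. Confirm callers validate it.
    with tempfile.NamedTemporaryFile('wb', prefix=fingerprint,
                                     dir=self._DIR, delete=False) as f:
        try:
            self._write_schema_data(f)
            # Push the data out before the rename publishes the file.
            ipautil.flush_sync(f)
            f.close()
            os.rename(f.name, os.path.join(self._DIR, fingerprint))
        except Exception:
            # Covers write, sync and rename failures alike.
            os.unlink(f.name)
            raise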
def test_flush_sync():
    """Smoke test: flush_sync accepts an open binary temp file.

    Passes as long as the call does not raise; it makes no assertion
    about what reached the disk.
    """
    payload = b'data'
    scratch = tempfile.NamedTemporaryFile('wb+')
    with scratch:
        scratch.write(payload)
        ipautil.flush_sync(scratch)